Benjamin Montgomery
bmontgom at montynet.org
Tue Nov 8 15:40:10 CST 2005
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Sun, 6 Nov 2005 20:59:29 -0600
Source: uim
Binary: uim-utils libuim-nox-dev uim-anthy libuim0-dbg uim-m17nlib libuim-dev uim-fep uim-canna libuim0-nox uim-gtk2.0 libuim0 uim uim-xim uim-prime uim-applet-gnome uim-common libuim0-nox-dbg uim-skk
Architecture: source
Version: 1:0.4.7-1ubuntu2
Distribution: dapper
Urgency: low
Maintainer: Masahito Omote <omote at debian.org>
Changed-By: Benjamin Montgomery <bmontgom at montynet.org>
Description:
libuim-dev - Development files for uim
libuim-nox-dev - Development files for uim (without X11)
libuim0 - Simple, secure, and flexible input method collection and library
libuim0-dbg - uim libraries and debugging symbols
libuim0-nox - Simple, secure, and flexible input method collection and library
libuim0-nox-dbg - uim libraries and debugging symbols (without X11)
uim - Simple, secure, and flexible input method collection and library
uim-anthy - Anthy plugin for uim
uim-applet-gnome - GNOME applet for uim
uim-canna - Canna plugin for uim
uim-common - Common files for uim
uim-fep - uim Front End Processor
uim-gtk2.0 - GTK+2.x immodule for uim
uim-m17nlib - m17nlib plugin for uim
uim-prime - PRIME plugin for uim
uim-skk - SKK plugin for uim
uim-utils - Utilities for uim
uim-xim - A bridge between uim and XIM
Changes:
uim (1:0.4.7-1ubuntu2) dapper; urgency=low
.
* SECURITY UPDATE: fix privilege escalation problem
* Added debian/patches/08_CVE-2005-3149.dpatch:
- A malicious user could exploit an error in uim's handling of
environment variables to execute arbitrary code. If the library
is linked with a setuid/setgid application the code could be
executed with root priviledges.
- This patch is backported from 1:0.4.7-2 (debian unstable).
* References:
CVE-2005-3149
http://bugs.debian.org/331620
https://launchpad.net/malone/3328
Files:
59d73ebe4e437d10f4c918d43c898680 1214 libs optional uim_0.4.7-1ubuntu2.dsc
76bcca3ae7951371e7f8efafdeaa3e2a 68263 libs optional uim_0.4.7-1ubuntu2.diff.gz
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)
iD8DBQFDcNJWDecnbV4Fd/IRAvq/AJ9RANDF7RPwyY7wHSZCpKKHANEOugCg5nVK
jlnhyowsZP9GoSNueGIeE5c=
=yCaq
-----END PGP SIGNATURE-----
Accepted:
uim_0.4.7-1ubuntu2.diff.gz
to pool/universe/u/uim/uim_0.4.7-1ubuntu2.diff.gz
uim_0.4.7-1ubuntu2.dsc
to pool/universe/u/uim/uim_0.4.7-1ubuntu2.dsc
More information about the dapper-changes
mailing list