Accepted: wml, wml, wml, wml, wml, wml, wml 2.0.8-11ubuntu0.6.06 (source, amd64, hppa, i386, ia64, powerpc, sparc)
Ubuntu Installer
archive at ubuntu.com
Fri Mar 14 20:55:58 GMT 2008
- Previous message: Accepted: phpmyadmin, phpmyadmin, phpmyadmin_2.8.0.3-1ubuntu0.1_i386_translations.tar.gz 4:2.8.0.3-1ubuntu0.1 (source, i386, raw-translations)
- Next message: Accepted: krb5, krb5, krb5, krb5, krb5, krb5, krb5, krb5_1.4.3-5ubuntu0.7_amd64_translations.tar.gz, krb5_1.4.3-5ubuntu0.7_hppa_translations.tar.gz, krb5_1.4.3-5ubuntu0.7_i386_translations.tar.gz, krb5_1.4.3-5ubuntu0.7_ia64_translations.tar.gz, krb5_1.4.3-5ubuntu0.7_powerpc_translations.tar.gz, krb5_1.4.3-5ubuntu0.7_sparc_translations.tar.gz 1.4.3-5ubuntu0.7 (source, amd64, hppa, i386, ia64, powerpc, sparc, raw-translations, raw-translations, raw-translations, raw-translations, raw-translations, raw-translations)
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Accepted:
OK: wml_2.0.8.orig.tar.gz
OK: wml_2.0.8-11ubuntu0.6.06.diff.gz
OK: wml_2.0.8-11ubuntu0.6.06.dsc
-> Component: universe Section: web
OK: wml_2.0.8-11ubuntu0.6.06_amd64.deb
OK: wml_2.0.8-11ubuntu0.6.06_hppa.deb
OK: wml_2.0.8-11ubuntu0.6.06_i386.deb
OK: wml_2.0.8-11ubuntu0.6.06_ia64.deb
OK: wml_2.0.8-11ubuntu0.6.06_powerpc.deb
OK: wml_2.0.8-11ubuntu0.6.06_sparc.deb
Format: 1.7
Date: Mon, 10 Mar 2008 17:49:38 +0100
Source: wml
Binary: wml
Architecture: amd64 hppa i386 ia64 powerpc source sparc
Version: 2.0.8-11ubuntu0.6.06
Distribution: dapper-security
Urgency: low
Maintainer: Denis Barbier <barbier at debian.org>
Changed-By: Emanuele Gentili <emgent at emanuele-gentili.com>
Description:
wml - off-line HTML generation toolkit
Changes:
wml (2.0.8-11ubuntu0.6.06) dapper-security; urgency=low
.
* SECURITY UPDATE: (LP: #191205)
.
+ wml_backend/p1_ipp/ipp.src (CVE-2008-0665)
- in Website META Language (WML) 2.0.11 allows local
users to overwrite arbitrary files via a symlink attack on the ipp.$$.tmp
temporary file.
+ wlm_backend/p3_eperl/eperl_sys.c wml_contrib/wmg.cgi (CVE-2008-0666)
- Website META Language (WML) 2.0.11 allows local users to overwrite arbitrary
files via a symlink attack on (1) the /tmp/pe.tmp.$$ temporary file used by
wml_contrib/wmg.cgi and (2) temporary files used by
wml_backend/p3_eperl/eperl_sys.c.
.
* References
+ http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2008-0665
+ http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2008-0666
+ http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=463907
Files:
cbf0a3ec40460351ff8993005dbef984 529870 web optional wml_2.0.8-11ubuntu0.6.06_amd64.deb
9e35ae993c9376daa81f2304e4ccdaf2 532196 web optional wml_2.0.8-11ubuntu0.6.06_hppa.deb
5cfae134f1d4108bd395fe17322f3bbe 528528 web optional wml_2.0.8-11ubuntu0.6.06_i386.deb
8807ba3efc7a16f3e7d7e7dcae442589 535444 web optional wml_2.0.8-11ubuntu0.6.06_ia64.deb
4cdb89d0ef5645b77c4e72e59717d406 530834 web optional wml_2.0.8-11ubuntu0.6.06_powerpc.deb
a585dcc29707663be19152e735c285f3 604 web optional wml_2.0.8-11ubuntu0.6.06.dsc
2920c0c3b0ead768605dd2008a0bf81a 26521 web optional wml_2.0.8-11ubuntu0.6.06.diff.gz
3eacb254ed99a6ea2c64a466a8433544 529040 web optional wml_2.0.8-11ubuntu0.6.06_sparc.deb
- Previous message: Accepted: phpmyadmin, phpmyadmin, phpmyadmin_2.8.0.3-1ubuntu0.1_i386_translations.tar.gz 4:2.8.0.3-1ubuntu0.1 (source, i386, raw-translations)
- Next message: Accepted: krb5, krb5, krb5, krb5, krb5, krb5, krb5, krb5_1.4.3-5ubuntu0.7_amd64_translations.tar.gz, krb5_1.4.3-5ubuntu0.7_hppa_translations.tar.gz, krb5_1.4.3-5ubuntu0.7_i386_translations.tar.gz, krb5_1.4.3-5ubuntu0.7_ia64_translations.tar.gz, krb5_1.4.3-5ubuntu0.7_powerpc_translations.tar.gz, krb5_1.4.3-5ubuntu0.7_sparc_translations.tar.gz 1.4.3-5ubuntu0.7 (source, amd64, hppa, i386, ia64, powerpc, sparc, raw-translations, raw-translations, raw-translations, raw-translations, raw-translations, raw-translations)
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the dapper-changes
mailing list