[ubuntu/hardy-security] update-manager_0.87.31.1_hppa_translations.tar.gz, update-manager_0.87.31.1_sparc_translations.tar.gz, update-manager, update-manager_0.87.31.1_lpia_translations.tar.gz, update-manager_0.87.31.1_amd64_translations.tar.gz, update-manager_0.87.31.1_ia64_translations.tar.gz, dist-upgrader_0.87.31.1_all.tar.gz, update-manager_0.87.31.1_i386_translations.tar.gz, update-manager_0.87.31.1_powerpc_translations.tar.gz 1:0.87.31.1 (Accepted)
Marc Deslauriers
marc.deslauriers at ubuntu.com
Mon Nov 28 16:07:18 UTC 2011
- Previous message: [ubuntu/hardy-security] apt_0.7.9ubuntu17.4_powerpc_translations.tar.gz, apt_0.7.9ubuntu17.4_sparc_translations.tar.gz, apt_0.7.9ubuntu17.4_hppa_translations.tar.gz, apt, apt_0.7.9ubuntu17.4_i386_translations.tar.gz, apt_0.7.9ubuntu17.4_ia64_translations.tar.gz, apt_0.7.9ubuntu17.4_lpia_translations.tar.gz, apt_0.7.9ubuntu17.4_amd64_translations.tar.gz 0.7.9ubuntu17.4 (Accepted)
- Next message: [ubuntu/hardy-security] python-apt_0.7.4ubuntu7.7_hppa_translations.tar.gz, python-apt_0.7.4ubuntu7.7_sparc_translations.tar.gz, python-apt_0.7.4ubuntu7.7_amd64_translations.tar.gz, python-apt_0.7.4ubuntu7.7_i386_translations.tar.gz, python-apt_0.7.4ubuntu7.7_ia64_translations.tar.gz, python-apt_0.7.4ubuntu7.7_lpia_translations.tar.gz, python-apt, python-apt_0.7.4ubuntu7.7_powerpc_translations.tar.gz 0.7.4ubuntu7.7 (Accepted)
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
update-manager (1:0.87.31.1) hardy-security; urgency=low
* SECURITY UPDATE: arbitrary code execution via directory traversal
(LP: #881548)
- UpdateManager/Core/DistUpgradeFetcherCore.py: verify signature before
unpacking the tarball.
- CVE-2011-3152
* SECURITY UPDATE: information leak via insecure temp file (LP: #881541)
- DistUpgrade/DistUpgradeViewKDE.py: use mkstemp instead of mktemp.
- CVE-2011-3154
Date: Wed, 23 Nov 2011 09:58:49 -0500
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Michael Vogt <michael.vogt at ubuntu.com>
https://launchpad.net/ubuntu/hardy/+source/update-manager/1:0.87.31.1
-------------- next part --------------
Format: 1.7
Date: Wed, 23 Nov 2011 09:58:49 -0500
Source: update-manager
Binary: update-manager-core update-manager
Architecture: source
Version: 1:0.87.31.1
Distribution: hardy-security
Urgency: low
Maintainer: Michael Vogt <michael.vogt at ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description:
update-manager - GNOME application that manages apt updates
update-manager-core - manage release upgrades
Launchpad-Bugs-Fixed: 881541 881548
Changes:
update-manager (1:0.87.31.1) hardy-security; urgency=low
.
* SECURITY UPDATE: arbitrary code execution via directory traversal
(LP: #881548)
- UpdateManager/Core/DistUpgradeFetcherCore.py: verify signature before
unpacking the tarball.
- CVE-2011-3152
* SECURITY UPDATE: information leak via insecure temp file (LP: #881541)
- DistUpgrade/DistUpgradeViewKDE.py: use mkstemp instead of mktemp.
- CVE-2011-3154
Files:
49860eeb3d37db27970fbf468afac4c3 1496 gnome optional update-manager_0.87.31.1.dsc
8e9bef4ed82a4c67322c018c1885aa19 2073732 gnome optional update-manager_0.87.31.1.tar.gz
- Previous message: [ubuntu/hardy-security] apt_0.7.9ubuntu17.4_powerpc_translations.tar.gz, apt_0.7.9ubuntu17.4_sparc_translations.tar.gz, apt_0.7.9ubuntu17.4_hppa_translations.tar.gz, apt, apt_0.7.9ubuntu17.4_i386_translations.tar.gz, apt_0.7.9ubuntu17.4_ia64_translations.tar.gz, apt_0.7.9ubuntu17.4_lpia_translations.tar.gz, apt_0.7.9ubuntu17.4_amd64_translations.tar.gz 0.7.9ubuntu17.4 (Accepted)
- Next message: [ubuntu/hardy-security] python-apt_0.7.4ubuntu7.7_hppa_translations.tar.gz, python-apt_0.7.4ubuntu7.7_sparc_translations.tar.gz, python-apt_0.7.4ubuntu7.7_amd64_translations.tar.gz, python-apt_0.7.4ubuntu7.7_i386_translations.tar.gz, python-apt_0.7.4ubuntu7.7_ia64_translations.tar.gz, python-apt_0.7.4ubuntu7.7_lpia_translations.tar.gz, python-apt, python-apt_0.7.4ubuntu7.7_powerpc_translations.tar.gz 0.7.4ubuntu7.7 (Accepted)
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the Hardy-changes
mailing list