[ubuntu/noble-updates] opennds 10.2.0+dfsg-1 (Accepted)
Ubuntu Archive Robot
ubuntu-archive-robot at lists.canonical.com
Sat Mar 30 00:31:51 UTC 2024
opennds (10.2.0+dfsg-1) unstable; urgency=medium
* New upstream release. (Closes: #1059451, #1059452).
- CVE-2023-38313, CVE-2023-38314, CVE-2023-38315, CVE-2023-38316:
Fix NULL pointer dereference if authdir is called with an incomplete or
missing query string.
- CVE-2023-38320, CVE-2023-38322: Fix - NULL pointer dereference if
user_agent is NULL.
- CVE-2023-38324: Generate unique sha256 faskey if not set in config.
- CVE-2023-41101: Fix buffer overflow causing segfault.
- CVE-2023-41102: Fix multiple memory leaks.
* debian/patches:
+ Rebase 1004_add-documentation-key-in-service-file.patch.
+ Add 1005_evaluate-system-call-retvals.patch. Fix FTBFS against recent
Debian.
* debian/{opennds-daemon.install,rules}:
+ Adjust file installations into DEST_DIR.
* debian/copyright:
+ Update copyright attributions.
+ Update copyright attribution for debian/.
+ Update auto-generated copyright.in file.
* lintian:
+ Update files lines in very-long-line-length-in-source-file overrides
with globbings.
* debian/opennds-daemon-common.links:
+ Drop file. Drop man page symlinking. The formerly shipped man page was
bogus and upstream removed it (for now). (Closes: #1040392).
Date: 2024-01-20 16:34:36.028428+00:00
Signed-By: Ubuntu Archive Robot <ubuntu-archive-robot at lists.canonical.com>
https://launchpad.net/ubuntu/+source/opennds/10.2.0+dfsg-1
-------------- next part --------------
Sorry, changesfile not available.
More information about the noble-changes
mailing list