[Bug 205544] [NEW] Please sync wyrd 1.4.4-1 (universe) from Debian unstable (main).
William Grant
william at qeuni.net
Sun Mar 23 14:01:48 GMT 2008
Public bug reported:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
affects ubuntu/wyrd
status confirmed
importance wishlist
subscribe ubuntu-archive
Please sync wyrd 1.4.4-1 (universe) from Debian unstable (main).
Changelog since current hardy version 1.4.3b-3:
wyrd (1.4.4-1) unstable; urgency=low
* New upstream release that address temporary file vulnerability
(CVE-2008-0806). Patch in version 1.4.3b-4 that addresses this
vulnerabililty (debian bug 466382) removed.
* Updated Homepage address in debian/control, debian/copyright.
* Updated watch file.
* Add libncursesw5-dev to Build-Depends to permit --enable-utf8 configure
flag to be used. Also add DEB_CONFIGURE_EXTRA_FLAGS = --enable-utf8 to
debian/rules. Thanks to Jeremy Bobbio. Closes: #446634.
-- Kevin Coyner <kcoyner at debian.org> Fri, 22 Feb 2008 16:30:36 -0500
wyrd (1.4.3b-4) unstable; urgency=low
* Patch from Nico Golde and the security team.
This patch addresses the following issue:
CVE-2008-0806: insecure temporary file creation that
could lead to symlink attacks and thus data loss. Closes: #466382.
* Bumped Standards-Version to 3.7.3. No changes.
* Moved Homepage header out of extended description.
* Removed unnecessary whitespace in doc-base file.
-- Kevin Coyner <kcoyner at debian.org> Thu, 21 Feb 2008 17:57:30 -0500
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFH5mLIAc+S8KckfcURAoeZAJ9dmrOFgZgNpkfPxNc7SMgY6Dg3GwCfRqh0
9m7t2T5oz7kBv2+czYNSjIU=
=TdhI
-----END PGP SIGNATURE-----
** Affects: wyrd (Ubuntu)
Importance: Wishlist
Status: Confirmed
--
Please sync wyrd 1.4.4-1 (universe) from Debian unstable (main).
https://bugs.launchpad.net/bugs/205544
You received this bug notification because you are a member of Ubuntu
Package Archive Administrators, which is a direct subscriber.
More information about the ubuntu-archive
mailing list