[Bug 403113] Re: Fsniper doesn't safely check file names.
Kees Cook
kees at ubuntu.com
Thu Jul 23 22:20:16 UTC 2009
Hi! Thanks for the debdiff. For Karmic, the MOTU sponsors should be
able to handle this. For jaunty, we need to follow
https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures
Most notably, https://wiki.ubuntu.com/SecurityTeam/UpdatePreparation
mentions that the pocket must be jaunty-security, and the jaunty version
should be -0ubuntu1.1 (to not conflict with karmic's updates).
Generally, we try to avoid adding patching systems to already published
sources. It does make sense for karmic, though.
** Also affects: fsniper (Ubuntu Jaunty)
Importance: Undecided
Status: New
** Also affects: fsniper (Ubuntu Karmic)
Importance: Undecided
Assignee: Dave Walker (davewalker)
Status: Fix Committed
** Changed in: fsniper (Ubuntu Karmic)
Status: Fix Committed => In Progress
** Changed in: fsniper (Ubuntu Jaunty)
Status: New => In Progress
** Changed in: fsniper (Ubuntu Karmic)
Status: In Progress => Triaged
** Changed in: fsniper (Ubuntu Jaunty)
Assignee: (unassigned) => Dave Walker (davewalker)
** Changed in: fsniper (Ubuntu Jaunty)
Status: In Progress => Triaged
--
Fsniper doesn't safely check file names.
https://bugs.launchpad.net/bugs/403113
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
ubuntu-bugs at lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
More information about the universe-bugs
mailing list