[ubuntu/vivid-proposed] elfutils 0.160-0ubuntu3 (Accepted)
Tyler Hicks
tyhicks at canonical.com
Mon Jan 26 09:14:15 UTC 2015
elfutils (0.160-0ubuntu3) vivid; urgency=medium
* SECURITY UPDATE: Directory traversal via crafted ar archive (LP: #1414206)
- debian/patches/CVE-2014-9447.patch: Prevent root directory traversal
while extracting ar archives
- CVE-2014-9447
Date: Fri, 23 Jan 2015 16:24:20 -0600
Changed-By: Tyler Hicks <tyhicks at canonical.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Signed-By: Dmitry Shachnev <mitya57 at gmail.com>
https://launchpad.net/ubuntu/+source/elfutils/0.160-0ubuntu3
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Fri, 23 Jan 2015 16:24:20 -0600
Source: elfutils
Binary: elfutils libelf1 libelf-dev libdw-dev libdw1 libasm1 libasm-dev
Architecture: source
Version: 0.160-0ubuntu3
Distribution: vivid
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Tyler Hicks <tyhicks at canonical.com>
Description:
elfutils - collection of utilities to handle ELF objects
libasm-dev - libasm development libraries and header files
libasm1 - library with a programmable assembler interface
libdw-dev - libdw1 development libraries and header files
libdw1 - library that provides access to the DWARF debug information
libelf-dev - libelf1 development libraries and header files
libelf1 - library to read and write ELF files
Launchpad-Bugs-Fixed: 1414206
Changes:
elfutils (0.160-0ubuntu3) vivid; urgency=medium
.
* SECURITY UPDATE: Directory traversal via crafted ar archive (LP: #1414206)
- debian/patches/CVE-2014-9447.patch: Prevent root directory traversal
while extracting ar archives
- CVE-2014-9447
Checksums-Sha1:
31a3ca682b3441de9808f41bab1ea84dca95f555 2297 elfutils_0.160-0ubuntu3.dsc
dd7543c4b2671c4ef101e7bd4132d1fd9b880cc7 51741 elfutils_0.160-0ubuntu3.debian.tar.gz
Checksums-Sha256:
e296949491c58a239c3bb2e88db6d11b353c877691fae9271cbad0d2358bd502 2297 elfutils_0.160-0ubuntu3.dsc
0e0b9b1ce42682a87a583b68036185f1c4b6e69b4b8577d49f4ea2efad056af1 51741 elfutils_0.160-0ubuntu3.debian.tar.gz
Files:
c27b58192b0cbc1ba9d1128c5bc65b88 2297 libs optional elfutils_0.160-0ubuntu3.dsc
9541da8feef7ba38b844e6e50c2f6f5d 51741 libs optional elfutils_0.160-0ubuntu3.debian.tar.gz
Original-Maintainer: Kurt Roeckx <kurt at roeckx.be>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBAgAGBQJUxgUfAAoJENb+cQNj+F3TMToQAJzucRoVmcajjntaw7wJalQe
0YE3XJVimaJiohyjINjSGn3DUG7bZgAGTEIKgKMTQvgRN6HP45y3VG2JNUdYpdNX
9XZ9XtZtDrq9P/wSlKi4cuF0IEaPBP/5sDNdjuARBb8Lhqwz1HcuN1tOAFl/FwT8
isPqIW359D60NN0XSKk9A6X4Nwz4sg0tglrV8EMazVmdOV21QzjufTYywMUr8lc0
YaOUwXpWV1rnMxTMkbtjwtI6hh+xXnHCGrrt2ExVfvoUIJ+eCkva1fTTOjiYxENW
oxT3rzXuT8bUZT87Evppy13n0XHv7UYC86zuC4ZOG5EZ2c6ui8MYtczWVeWaOjy/
sIFRBax2r+Di4qL+QLJbm2EJ6C7Sacc6tCDma4HY1ccCUhePYQNOfKA9e1yDHNi0
xStPJZMtTbgaaqdY5rdvgjJAt4RbOmSqgBAIV6I0veBxUHDW2CDKPxtiahdLjkC/
Ul1IW4DwIrKEZaodsNC1+/fNKRZeU80jU8NXMGguuEzkaFiYwYqik91Vsmh26FLS
sWbXC9utCvLM2s4G/wle2cnPZPTGF35FPtuDDL9JW4fwJlt7ujmhYq+Yu6elrmcf
UG4RE9nc68kutezeJ37GqullkooMbC+0W4fysNzi2BkOU9Q+SZWjlfxjfc/4w7Yd
w+yQ1xK0G48/TlbAAKBZ
=FpAp
-----END PGP SIGNATURE-----
More information about the Vivid-changes
mailing list