[ubuntu/artful-proposed] bzr 2.7.0+bzr6622-6ubuntu1 (Accepted)
Steve Beattie
sbeattie at ubuntu.com
Fri Sep 8 00:50:15 UTC 2017
bzr (2.7.0+bzr6622-6ubuntu1) artful; urgency=medium
* SECURITY UPDATE: Possible arbitrary code execution on clients
through malicious bzr+ssh URLs
- debian/patches/27_ssh_hostnames-lp1710979: ensure that host
arguments to ssh cannot be treated as ssh options.
- LP: #1710979
Date: Wed, 06 Sep 2017 11:17:54 -0700
Changed-By: Steve Beattie <sbeattie at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Signed-By: Tyler Hicks <tyhicks at canonical.com>
https://launchpad.net/ubuntu/+source/bzr/2.7.0+bzr6622-6ubuntu1
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Wed, 06 Sep 2017 11:17:54 -0700
Source: bzr
Binary: bzr python-bzrlib python-bzrlib-dbg python-bzrlib.tests bzr-doc
Architecture: source
Version: 2.7.0+bzr6622-6ubuntu1
Distribution: artful
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Steve Beattie <sbeattie at ubuntu.com>
Description:
bzr - easy to use distributed version control system
bzr-doc - easy to use distributed version control system (documentation)
python-bzrlib - distributed version control system - python library
python-bzrlib-dbg - distributed version control system - debug extension
python-bzrlib.tests - distributed version control system - testsuite
Launchpad-Bugs-Fixed: 1710979
Changes:
bzr (2.7.0+bzr6622-6ubuntu1) artful; urgency=medium
.
* SECURITY UPDATE: Possible arbitrary code execution on clients
through malicious bzr+ssh URLs
- debian/patches/27_ssh_hostnames-lp1710979: ensure that host
arguments to ssh cannot be treated as ssh options.
- LP: #1710979
Checksums-Sha1:
4794ea367b0523f64b488a664d8da72d95228e66 2955 bzr_2.7.0+bzr6622-6ubuntu1.dsc
3bb22020e47841e6843f08785c12e7016255addf 91960 bzr_2.7.0+bzr6622-6ubuntu1.debian.tar.xz
69e2c7ce8a81f76aa456e1c6e528187be8c5b61e 8375 bzr_2.7.0+bzr6622-6ubuntu1_source.buildinfo
Checksums-Sha256:
c8e393a422487a3cd2a5a82d6999805f546d02ba3f51a858d50b5ec1b820c090 2955 bzr_2.7.0+bzr6622-6ubuntu1.dsc
f3d24a1d930b6443b2df1cbacb37626ad94d42406a04d579a4e549bebc6e341e 91960 bzr_2.7.0+bzr6622-6ubuntu1.debian.tar.xz
c752255c08b7ac0ca388b7cbf10a77a91e124bc51eadaaa594cef9aa1b68dba3 8375 bzr_2.7.0+bzr6622-6ubuntu1_source.buildinfo
Files:
17b4b30163e572e753421e7f48fcc788 2955 vcs optional bzr_2.7.0+bzr6622-6ubuntu1.dsc
31763ae9ccadd78795d014d316a3c56b 91960 vcs optional bzr_2.7.0+bzr6622-6ubuntu1.debian.tar.xz
6bef2f6e301a7eb31f5bfbe7acbf3c3f 8375 vcs optional bzr_2.7.0+bzr6622-6ubuntu1_source.buildinfo
Original-Maintainer: Debian Bazaar Maintainers <pkg-bazaar-maint at lists.alioth.debian.org>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBCgAGBQJZsee9AAoJENaSAD2qAscKn+IQAJdrNNpqPe3Suu9rbcFsRMU1
G0Pp57sKcrn6SjbtRTyP2vNOSpqCQ0gXltzN1U8U4L4rSy3pvVU1TeSzH1lqn6ut
jvxFGdSJRj3/cIecDMysRCTjw6bKUUB+CVsdTl0mcrjwi4dDjef4h5MN0AY2B8oo
PkhvEFHFoW+9i2crAQ55rCRz3gszLP7MNEtTPhxEbZ8eWGKJ+9dIRplHEy7KARht
2yuh8k+6WygEQ4Wll7ZlqpJKQ8VeKYCQnVj9mG7uBELTn4E9wP557h/v4zNcKFcp
bId8XquH7gkFeqUsJNkUzlHyUQ2j2em38DcBVyfz9jiWJmUVqWqfF7gSpYMY6fSc
Kn3PZCKOU6RgkFWQnVYCGrmHG1ReqlmOlwOq6hgXoEtmQiGSWtrnaRRwWmQ2boIv
w5mUv+GTtoze3GTsL4RCXUsptTFCuG68r7J5jqd5HSIBA44/0/Dd30Wb09be+iyn
Vys0DE2F4FkQwzdMJG1z32jOXHE56LWmCzgzZm5tDwxAUfJdynraq7A3xD9cFiQ+
eJ38WDKl57x1y0POsNjDnzyQDw5KlacT8np7f047rORBkelRjQjen16evq1bbWP0
GNiaC3RT/1WyfZppsKE386n+EHo9yZ5UIYSMO9DJBJL5EsNLM41ryw91bWc2bYWc
Ls6T/rK7YME7CL3BOFmT
=FJxK
-----END PGP SIGNATURE-----
More information about the Artful-changes
mailing list