Accepted xfce4-terminal 0.2.5+r21674-0ubuntu2.1 (source)
Ubuntu Installer
archive at ubuntu.com
Tue Aug 14 02:55:28 BST 2007
Accepted:
OK: xfce4-terminal_0.2.5+r21674.orig.tar.gz
OK: xfce4-terminal_0.2.5+r21674-0ubuntu2.1.diff.gz
OK: xfce4-terminal_0.2.5+r21674-0ubuntu2.1.dsc
-> Component: main Section: x11
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Sun, 12 Aug 2007 19:32:12 +0200
Source: xfce4-terminal
Binary: xfce4-terminal
Architecture: source
Version: 0.2.5+r21674-0ubuntu2.1
Distribution: dapper-security
Urgency: low
Maintainer: Debian Xfce Maintainers <pkg-xfce-devel at lists.alioth.debian.org>
Changed-By: Lionel Le Folgoc <mrpouit at ubuntu.com>
Description:
xfce4-terminal - Xfce terminal emulator
Changes:
xfce4-terminal (0.2.5+r21674-0ubuntu2.1) dapper-security; urgency=low
.
* SECURITY: URL handling allows remote shell command execution.
* debian/patches/02_CVE-2007-3770.patch: patch from Darren Salt to properly
escape the uri before running the command and fix desktop files to avoid
over-quoting.
* References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3770
http://bugzilla.xfce.org/show_bug.cgi?id=3383
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=437454
Files:
7ab2af378e2db311101541887b3d899f 982 x11 optional xfce4-terminal_0.2.5+r21674-0ubuntu2.1.dsc
902a748e0c0fe963aed9f62d7492247c 7892 x11 optional xfce4-terminal_0.2.5+r21674-0ubuntu2.1.diff.gz
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFGwJlSH/9LqRcGPm0RAlz1AJ4gyyP9m6A8u6ggrY4r0P9jOzpMNwCgnWX9
mlymyvtAjtjKBzrZuShWF70=
=HxTY
-----END PGP SIGNATURE-----
More information about the dapper-changes
mailing list