[ubuntu/dapper-security] redhat-cluster-suite_1.20060222-0ubuntu6.3_powerpc_translations.tar.gz, redhat-cluster-suite_1.20060222-0ubuntu6.3_hppa_translations.tar.gz, redhat-cluster-suite, redhat-cluster-suite_1.20060222-0ubuntu6.3_sparc_translations.tar.gz (delayed), redhat-cluster-suite_1.20060222-0ubuntu6.3_amd64_translations.tar.gz, redhat-cluster-suite_1.20060222-0ubuntu6.3_ia64_translations.tar.gz, redhat-cluster-suite_1.20060222-0ubuntu6.3_i386_translations.tar.gz 1.20060222-0ubuntu6.3 (Accepted)

Ubuntu Installer archive at ubuntu.com
Fri Dec 18 15:03:47 GMT 2009 

redhat-cluster-suite (1.20060222-0ubuntu6.3) dapper-security; urgency=low

  * SECURITY UPDATE: insecure temporary file handling in multiple places.
    - debian/patches/900_tempfix_fs.dpatch: move logfile to protected
      directory (and update rgmanager/make/defines.mk.input)
    - debian/patches/900_tempfix_oracledb.dpatch: use mktemp and move logfile
      to protected directory (fix in the source even though it is not
      installed)
    - debian/patches/900_tempfix_smb.dpatch: use mktemp
    - debian/patches/900_ccstool.dpatch: use mkstemp()
    - Patches based on upstream changes
    - CVE-2008-6552
  * SECURITY UDPATE: insecure temporary file handling on /tmp/apclog
    - debian/patches/900_fence_apc.dpatch: don't reference /tmp/apclog
      in fence_apc man page, since it is not used. Update fence_apc.pl,
      fence_apc.py and fence_apc_snmp.py to use @LOGDIR@/apclog. Updated
      fence/agents/apc/Makefile and fence/make/defines.mk.input to substitute
      @LOGDIR@
    - CVE-2008-4579
  * SECURITY UPDATE: insecure temporary file handling on
    /tmp/fence_manual.fifo
    - debian/patches/901_fence_manual.dpatch: move fifo to /var/lib/fence
    - CVE-2008-4580
  * debian/rules: update to call dh_installdirs
  * debian/rgmanager.dirs and debian/fence.dirs: install /var/log/cluster
  * debian/fence.dirs: install /var/lib/fence

Date: Wed, 02 Dec 2009 15:30:37 -0600
Changed-By: Jamie Strandboge <jamie at ubuntu.com>
Maintainer: Fabio M. Di Nitto <fabbione at ubuntu.com>
https://launchpad.net/ubuntu/dapper/+source/redhat-cluster-suite/1.20060222-0ubuntu6.3
-------------- next part --------------
Format: 1.7
Date: Wed, 02 Dec 2009 15:30:37 -0600
Source: redhat-cluster-suite
Binary: libmagma-dev libcman-dev ccs gnbd-server libdlm1 libiddev-dev fence magma-plugins fence-gnbd libcman1 gulm cman libgulm-dev redhat-cluster-suite rgmanager redhat-cluster-suite-source libgulm1 gfs-tools libmagma1 magma gnbd-client libccs-dev libdlm-dev
Architecture: source
Version: 1.20060222-0ubuntu6.3
Distribution: dapper-security
Urgency: low
Maintainer: Fabio M. Di Nitto <fabbione at ubuntu.com>
Changed-By: Jamie Strandboge <jamie at ubuntu.com>
Description: 
 ccs        - cluster configuration system
 cman       - cluster manager
 fence      - i/o fencing system
 fence-gnbd - global network block device - I/O fencing agent
 gfs-tools  - global file system tools
 gnbd-client - global network block device - client tools
 gnbd-server - global network block device - server tools
 gulm       - server-based unified cluster/lock manager for GFS
 libccs-dev - cluster configuration system - development files
 libcman-dev - cluster manager - development files
 libcman1   - cluster manager - libraries
 libdlm-dev - distributed lock manager - development files
 libdlm1    - distributed lock manager - library
 libgulm-dev - server-based unified cluster/lock manager for GFS
 libgulm1   - server-based unified cluster/lock manager for GFS
 libiddev-dev - device identification
 libmagma-dev - magma cluster abstraction - development files
 libmagma1  - magma cluster abstraction - libraries
 magma      - cluster abstraction tools (magma)
 magma-plugins - magma cluster abstraction plugins
 redhat-cluster-suite - red hat cluster suite (meta package)
 redhat-cluster-suite-source - source for the redhat cluster suite linux kernel modules
 rgmanager  - clustered resource group manager
Changes: 
 redhat-cluster-suite (1.20060222-0ubuntu6.3) dapper-security; urgency=low
 .
   * SECURITY UPDATE: insecure temporary file handling in multiple places.
     - debian/patches/900_tempfix_fs.dpatch: move logfile to protected
       directory (and update rgmanager/make/defines.mk.input)
     - debian/patches/900_tempfix_oracledb.dpatch: use mktemp and move logfile
       to protected directory (fix in the source even though it is not
       installed)
     - debian/patches/900_tempfix_smb.dpatch: use mktemp
     - debian/patches/900_ccstool.dpatch: use mkstemp()
     - Patches based on upstream changes
     - CVE-2008-6552
   * SECURITY UDPATE: insecure temporary file handling on /tmp/apclog
     - debian/patches/900_fence_apc.dpatch: don't reference /tmp/apclog
       in fence_apc man page, since it is not used. Update fence_apc.pl,
       fence_apc.py and fence_apc_snmp.py to use @LOGDIR@/apclog. Updated
       fence/agents/apc/Makefile and fence/make/defines.mk.input to substitute
       @LOGDIR@
     - CVE-2008-4579
   * SECURITY UPDATE: insecure temporary file handling on
     /tmp/fence_manual.fifo
     - debian/patches/901_fence_manual.dpatch: move fifo to /var/lib/fence
     - CVE-2008-4580
   * debian/rules: update to call dh_installdirs
   * debian/rgmanager.dirs and debian/fence.dirs: install /var/log/cluster
   * debian/fence.dirs: install /var/lib/fence
Files: 
 feaab4baaf5bcf2e10241d73f53d99ec 1039 admin optional redhat-cluster-suite_1.20060222-0ubuntu6.3.dsc
 01365d9d56e6f21c2d0d30ae899b6d5b 53886 admin optional redhat-cluster-suite_1.20060222-0ubuntu6.3.diff.gz

More information about the dapper-changes mailing list