[ubuntu/disco-proposed] libsolv 0.6.35-2ubuntu1 (Accepted)
Mike Salvatore
mike.salvatore at canonical.com
Thu Mar 21 17:28:13 UTC 2019
libsolv (0.6.35-2ubuntu1) disco; urgency=medium
* SECURITY UPDATE: NULL pointer dereference and illegal address access
- debian/patches/CVE-2018-20532-20534-1.patch: Fix: Dereference of null
pointer
- debian/patches/CVE-2018-20532-20534-2.patch: Fix: Add va_end() before
return
- debian/patches/CVE-2018-20532-20534-3.patch: Fix: Memory leaks
- debian/patches/CVE-2018-20532-20534-4.patch: Fix: testsolv segfault
- debian/patches/CVE-2018-20532-20534-5.patch: Fix: testsolv segfaults
- debian/patches/CVE-2018-20532-20534-6.patch: Fix: Be sure that NONBLOCK
is set
- debian/patches/CVE-2018-20532-20534-7.patch: Don't set values that are
never read
- CVE-2018-20532
- CVE-2018-20533
- CVE-2018-20534
Date: Tue, 19 Mar 2019 11:50:49 -0400
Changed-By: Mike Salvatore <mike.salvatore at canonical.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Signed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/libsolv/0.6.35-2ubuntu1
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Tue, 19 Mar 2019 11:50:49 -0400
Source: libsolv
Architecture: source
Version: 0.6.35-2ubuntu1
Distribution: disco
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Mike Salvatore <mike.salvatore at canonical.com>
Changes:
libsolv (0.6.35-2ubuntu1) disco; urgency=medium
.
* SECURITY UPDATE: NULL pointer dereference and illegal address access
- debian/patches/CVE-2018-20532-20534-1.patch: Fix: Dereference of null
pointer
- debian/patches/CVE-2018-20532-20534-2.patch: Fix: Add va_end() before
return
- debian/patches/CVE-2018-20532-20534-3.patch: Fix: Memory leaks
- debian/patches/CVE-2018-20532-20534-4.patch: Fix: testsolv segfault
- debian/patches/CVE-2018-20532-20534-5.patch: Fix: testsolv segfaults
- debian/patches/CVE-2018-20532-20534-6.patch: Fix: Be sure that NONBLOCK
is set
- debian/patches/CVE-2018-20532-20534-7.patch: Don't set values that are
never read
- CVE-2018-20532
- CVE-2018-20533
- CVE-2018-20534
Checksums-Sha1:
fef0382df6e65c75e210ca0275048a8e9fbd7bab 2567 libsolv_0.6.35-2ubuntu1.dsc
1962df09e3b0fd514c87063765f30788c8854463 17932 libsolv_0.6.35-2ubuntu1.debian.tar.xz
21ac5642d242b7e1dbe776f29302d8be590eb1a8 10117 libsolv_0.6.35-2ubuntu1_source.buildinfo
Checksums-Sha256:
967bc0d61f9ba46e8d0efbe2b3df1b2b36f3a6fddd86556b05ed9e29911e3344 2567 libsolv_0.6.35-2ubuntu1.dsc
21248477d9613d29937b5c9fb1fcb07a0ec31a9d6159402a721d465ef6ab352a 17932 libsolv_0.6.35-2ubuntu1.debian.tar.xz
20c9191c7203f6ba113d71f77fc35bffae2c008c52646f63779bf1bc226f21b4 10117 libsolv_0.6.35-2ubuntu1_source.buildinfo
Files:
74e3f3899e8d08868363fda80e41ecd6 2567 admin optional libsolv_0.6.35-2ubuntu1.dsc
9945987a3ac4c26f6241c5d955273452 17932 admin optional libsolv_0.6.35-2ubuntu1.debian.tar.xz
2bc1cfbb0cf267ea9170bc98bcde21bb 10117 admin optional libsolv_0.6.35-2ubuntu1_source.buildinfo
Original-Maintainer: Mike Gabriel <sunweaver at debian.org>
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEUMSg3c8x5FLOsZtRZWnYVadEvpMFAlyTyVEACgkQZWnYVadE
vpNCkA//T6u8aPyLmYYYkXEG7/4MebPd3JDuHvsTOE16xe88/nqB96Vi8fJpJ8xy
NrtLLgIVpT3yQhIPLniHPPt4rPetcf4sFg1RC28TrcOUtmNOZSQpERT7umqJgPcs
NBdcUG4bOAt3A87pk75bBtCv+eCEMjmO8mvivaieD+hL0C9TjvZzmNXitdfoIKKI
9b9fxdA4lG6fbEmbhSzgmtK/6M81vyJJFQBnn/EF4kLaFLOuay/UJpc9zPnLKtIa
d/ffnjQR3mceml8H1Yj+mnqx8M9kyiBOGbwNIY6HrJxs4zorZ3Qx+3dzzx4M5LiF
sYzUbRZxfvFCg+SYILHOF0xSYxXCX6+ewDmt/CJeP+/ma4BcjMkXal2ZHWp1Piw6
N/LIsKdnXCpzzHo9EQ8DYFmh/hCe1BIKvd5dwe6VyIY/Y9tF1ETQu4Y2eZPIMWXM
3+Mz8AFD3F94YnS52+59IGH/sMIY4pA35TsODkzVksvk9xaUtG/TGB94EKY7INBM
Sfvc/rmVYWYiPnq/iljkIXZ0SdUnflCFIzTP0voMRb4LuFI81mMuWPBFOOzRvfy9
UwX1n5eHPvxmjYpupeWctuGsNjS/GuRRL9PALwkXcNaY5ksyCdgOFV3sunTyxZf5
rewCc+rmq9OZTf4rqArjNqqsEIwCYw+Y5GwnxMRK3S4JBzdPCjc=
=f8uY
-----END PGP SIGNATURE-----
More information about the Disco-changes
mailing list