Accepted: wml, wml, wml, wml, wml 2.0.8-11ubuntu0.6.10 (source, amd64, i386, powerpc, sparc)

Ubuntu Installer archive at ubuntu.com
Fri Mar 14 20:56:06 GMT 2008


Accepted:
 OK: wml_2.0.8.orig.tar.gz
 OK: wml_2.0.8-11ubuntu0.6.10.diff.gz
 OK: wml_2.0.8-11ubuntu0.6.10.dsc
     -> Component: universe Section: web
 OK: wml_2.0.8-11ubuntu0.6.10_amd64.deb
 OK: wml_2.0.8-11ubuntu0.6.10_i386.deb
 OK: wml_2.0.8-11ubuntu0.6.10_powerpc.deb
 OK: wml_2.0.8-11ubuntu0.6.10_sparc.deb

Format: 1.7
Date: Mon, 10 Mar 2008 17:49:38 +0100
Source: wml
Binary: wml
Architecture: amd64 i386 powerpc source sparc
Version: 2.0.8-11ubuntu0.6.10
Distribution: edgy-security
Urgency: low
Maintainer: Denis Barbier <barbier at debian.org>
Changed-By: Emanuele Gentili <emgent at emanuele-gentili.com>
Description:
 wml        - off-line HTML generation toolkit
Changes:
 wml (2.0.8-11ubuntu0.6.10) edgy-security; urgency=low
 .
   * SECURITY UPDATE: (LP: #191205)
 .
    + wml_backend/p1_ipp/ipp.src (CVE-2008-0665)
     - in Website META Language (WML) 2.0.11 allows local
       users to overwrite arbitrary files via a symlink attack on the ipp.$$.tmp
       temporary file.
    + wlm_backend/p3_eperl/eperl_sys.c wml_contrib/wmg.cgi (CVE-2008-0666)
     - Website META Language (WML) 2.0.11 allows local users to overwrite arbitrary
       files via a symlink attack on (1) the /tmp/pe.tmp.$$ temporary file used by
       wml_contrib/wmg.cgi and (2) temporary files used by
       wml_backend/p3_eperl/eperl_sys.c.
 .
   * References
    + http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2008-0665
    + http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2008-0666
    + http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=463907
Files:
 dd90a3f4abd197fa871284e29fd35d00 528574 web optional wml_2.0.8-11ubuntu0.6.10_amd64.deb
 5704f5a397026660a03fd5a8066de3bf 527640 web optional wml_2.0.8-11ubuntu0.6.10_i386.deb
 312433579b56e8c3b873737ed15a3623 529568 web optional wml_2.0.8-11ubuntu0.6.10_powerpc.deb
 20052528cfff835ea9af2ae1d0b7c790 604 web optional wml_2.0.8-11ubuntu0.6.10.dsc
 9e8b0402c5e641c6851c8a4e4193c2d5 26520 web optional wml_2.0.8-11ubuntu0.6.10.diff.gz
 498858a27952738f83f69d5f192a14bf 527860 web optional wml_2.0.8-11ubuntu0.6.10_sparc.deb





More information about the edgy-changes mailing list