Accepted xfce4-terminal 0.2.6-0ubuntu3.1 (source)
Ubuntu Installer
archive at ubuntu.com
Tue Aug 14 02:55:44 BST 2007
Accepted:
OK: xfce4-terminal_0.2.6.orig.tar.gz
OK: xfce4-terminal_0.2.6-0ubuntu3.1.diff.gz
OK: xfce4-terminal_0.2.6-0ubuntu3.1.dsc
-> Component: main Section: x11
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Sun, 12 Aug 2007 19:44:51 +0200
Source: xfce4-terminal
Binary: xfce4-terminal
Architecture: source
Version: 0.2.6-0ubuntu3.1
Distribution: feisty-security
Urgency: low
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Lionel Le Folgoc <mrpouit at ubuntu.com>
Description:
xfce4-terminal - Xfce terminal emulator
Changes:
xfce4-terminal (0.2.6-0ubuntu3.1) feisty-security; urgency=low
.
* SECURITY: URL handling allows remote shell command execution.
* debian/patches/02_CVE-2007-3770.patch: patch from Darren Salt to properly
escape the uri before running the command and fix desktop files to avoid
over-quoting.
* References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3770
http://bugzilla.xfce.org/show_bug.cgi?id=3383
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=437454
Files:
435a5294f568d44abbd907bec892e50e 1043 x11 optional xfce4-terminal_0.2.6-0ubuntu3.1.dsc
2ed6e7705918937831599b2c3d366777 8617 x11 optional xfce4-terminal_0.2.6-0ubuntu3.1.diff.gz
Original-Maintainer: Debian Xfce Maintainers <pkg-xfce-devel at lists.alioth.debian.org>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFGwJlVH/9LqRcGPm0RAmlWAJ9bOLEAUZWcWBMbuMsnHOuX5CPmiQCdFA+H
bCMmF1XSqOSepRdA/4WH/f8=
=AerN
-----END PGP SIGNATURE-----
More information about the feisty-changes
mailing list