Accepted: comix 3.6.4-1.1 (source)
Ubuntu Installer
archive at ubuntu.com
Tue Apr 8 07:21:26 BST 2008
Accepted:
OK: comix_3.6.4.orig.tar.gz
OK: comix_3.6.4-1.1.diff.gz
OK: comix_3.6.4-1.1.dsc
-> Component: universe Section: x11
Origin: Debian/unstable
Format: 1.7
Date: Tue, 08 Apr 2008 06:53:31 +0100
Source: comix
Binary: comix
Architecture: source
Version: 3.6.4-1.1
Distribution: hardy
Urgency: high
Maintainer: Emfox Zhou <emfox at debian.org>
Changed-By: Stefan Ebner <hellboy195 at gmail.com>
Description:
comix - GTK Comic Book Viewer
Closes: 462836 462840
Changes:
comix (3.6.4-1.1) unstable; urgency=high
.
* Non-maintainer upload by the Security Team.
* Apply patch by Mamoru Tasaka to fix arbitrary code execution
via crafted file names because of passing the filename directly
to string concatenation used in os.popen (CVE-2008-1568; Closes: #462840).
* Apply patch by Mamoru Tasaka to use empfile.mkdtemp() to enable comix
for multi-user environments and thus prevent a race condition in /tmp
without a real security impact (Closes: #462836).
Files:
b010db6b861426875a7340f21a6b4e5f 6609 x11 optional comix_3.6.4-1.1.diff.gz
11ee87c5ad9489dca3ac82bbae0cf04a 592 x11 optional comix_3.6.4-1.1.dsc
More information about the Hardy-changes
mailing list