[ubuntu/jaunty-security] opie, opie (delayed) 2.40~dfsg-0ubuntu1.9.04.1 (Accepted)

Ubuntu Installer archive at ubuntu.com
Mon Jun 21 19:03:52 BST 2010


opie (2.40~dfsg-0ubuntu1.9.04.1) jaunty-security; urgency=low

  * SECURITY UPDATE: denial of service and possible code execution via
    off-by-one
    - libopie/readrec.c: use strncpy so we don't overflow principal.
    - http://security.freebsd.org/patches/SA-10:05/opie.patch
    - CVE-2010-1938
  * libopie/newseed.c: fix snprintf's length argument so opiepasswd will
    generate valid seeds. (LP: #569292)

Date: Tue, 08 Jun 2010 11:19:07 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/jaunty/+source/opie/2.40~dfsg-0ubuntu1.9.04.1
-------------- next part --------------
Format: 1.8
Date: Tue, 08 Jun 2010 11:19:07 -0400
Source: opie
Binary: opie-client opie-server libopie-dev
Architecture: source
Version: 2.40~dfsg-0ubuntu1.9.04.1
Distribution: jaunty-security
Urgency: low
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description: 
 libopie-dev - OPIE library development files.
 opie-client - OPIE programs for generating OTPs on client machines
 opie-server - OPIE programs for maintaining an OTP key file
Launchpad-Bugs-Fixed: 569292
Changes: 
 opie (2.40~dfsg-0ubuntu1.9.04.1) jaunty-security; urgency=low
 .
   * SECURITY UPDATE: denial of service and possible code execution via
     off-by-one
     - libopie/readrec.c: use strncpy so we don't overflow principal.
     - http://security.freebsd.org/patches/SA-10:05/opie.patch
     - CVE-2010-1938
   * libopie/newseed.c: fix snprintf's length argument so opiepasswd will
     generate valid seeds. (LP: #569292)
Checksums-Sha1: 
 1b8cb53884263c1894fe0ca02d5c6a5383e4ca1a 1139 opie_2.40~dfsg-0ubuntu1.9.04.1.dsc
 59c01334cc7074691a7af653124fb6c9874fa8a0 9412 opie_2.40~dfsg-0ubuntu1.9.04.1.diff.gz
Checksums-Sha256: 
 f2aaab605fa0a7e44ea2fb5e9a93e8ed7ff99b7fc2d1cd90298cbfdcf1e22a8e 1139 opie_2.40~dfsg-0ubuntu1.9.04.1.dsc
 6c12c0981c3faaa2092c4c277a90a018051e42350bb0fd8dd41717c5bef98e01 9412 opie_2.40~dfsg-0ubuntu1.9.04.1.diff.gz
Files: 
 7e1e1f2997befa10ae8cffabfa4db522 1139 admin optional opie_2.40~dfsg-0ubuntu1.9.04.1.dsc
 6e9e9190b066ff3ce4d79c44af2cfebe 9412 admin optional opie_2.40~dfsg-0ubuntu1.9.04.1.diff.gz
Original-Maintainer: Michael Stone <mstone at debian.org>


More information about the Jaunty-changes mailing list