[ubuntu/lucid-security] radvd 1:1.3-1.1ubuntu0.1 (Accepted)

Marc Deslauriers marc.deslauriers at ubuntu.com
Thu Nov 10 17:03:40 UTC 2011 

radvd (1:1.3-1.1ubuntu0.1) lucid-security; urgency=low

  * SECURITY UPDATE: arbitrary file overwrite via interface name
    - debian/patches/CVE-2011-3602.patch: check for path traversal in
      device-linux.c.
    - CVE-2011-3602
  * SECURITY UPDATE: incorrect privilege dropping handling
    - debian/patches/CVE-2011-3603.patch: fail on errors in
      privsep-linux.c, radvd.c.
    - CVE-2011-3603
  * SECURITY UPDATE: denial or service via buffer overreads
    - debian/patches/CVE-2011-3604.patch: properly check length in
      process.c.
    - CVE-2011-3604
  * SECURITY UPDATE: temporary denial of service via delay
    - debian/patches/CVE-2011-3605.patch: remove delay in process.c.
    - CVE-2011-3605

Date: Wed, 12 Oct 2011 10:08:43 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/lucid/+source/radvd/1:1.3-1.1ubuntu0.1
-------------- next part --------------
Format: 1.8
Date: Wed, 12 Oct 2011 10:08:43 -0400
Source: radvd
Binary: radvd
Architecture: source
Version: 1:1.3-1.1ubuntu0.1
Distribution: lucid-security
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description: 
 radvd      - Router Advertisement Daemon
Changes: 
 radvd (1:1.3-1.1ubuntu0.1) lucid-security; urgency=low
 .
   * SECURITY UPDATE: arbitrary file overwrite via interface name
     - debian/patches/CVE-2011-3602.patch: check for path traversal in
       device-linux.c.
     - CVE-2011-3602
   * SECURITY UPDATE: incorrect privilege dropping handling
     - debian/patches/CVE-2011-3603.patch: fail on errors in
       privsep-linux.c, radvd.c.
     - CVE-2011-3603
   * SECURITY UPDATE: denial or service via buffer overreads
     - debian/patches/CVE-2011-3604.patch: properly check length in
       process.c.
     - CVE-2011-3604
   * SECURITY UPDATE: temporary denial of service via delay
     - debian/patches/CVE-2011-3605.patch: remove delay in process.c.
     - CVE-2011-3605
Checksums-Sha1: 
 97215baac9b9dc7d48390bd23225d5578b0b5eed 1705 radvd_1.3-1.1ubuntu0.1.dsc
 f5991ed2c9d162fb05e129c3e84010a1fa737a9e 9311 radvd_1.3-1.1ubuntu0.1.diff.gz
Checksums-Sha256: 
 478035aedb478f83186de2c38ca974e899857541e56fab8a4040c7eeb2d5dd90 1705 radvd_1.3-1.1ubuntu0.1.dsc
 60bb993304f0964f2b537aad9ac75561ab31ede72b295d7adff0cfd4cea84976 9311 radvd_1.3-1.1ubuntu0.1.diff.gz
Files: 
 c6a1ad3fad150b637184a6939ea50cc6 1705 net optional radvd_1.3-1.1ubuntu0.1.dsc
 8d9d6eb8e717948a9ab00c1cc2506b99 9311 net optional radvd_1.3-1.1ubuntu0.1.diff.gz
Original-Maintainer: Ghe Rivero <ghe at debian.org>

More information about the Lucid-changes mailing list