[ubuntu/lucid-security] coreutils 7.4-2ubuntu3.1 (Accepted)

Seth Arnold seth.arnold at canonical.com
Wed Jan 14 21:01:25 UTC 2015

coreutils (7.4-2ubuntu3.1) lucid-security; urgency=medium

  * SECURITY UPDATE: infinite loop or crash in TZ environment variable
    - debian/patches/CVE-2014-9471.dpatch: modify lib/getdate.y and
      tests/misc/date to avoid crashing with malformed TZ
    - CVE-2014-9471
  * SECURITY UPDATE: local privilege escalation via /tmp file race in
    - debian/patches/CVE-2009-4135.dpatch: modify dist-check.mk to no longer
      use system /tmp directory for predictable names
    - CVE-2009-4135

Date: 2015-01-14 03:39:11.849833+00:00
Changed-By: Seth Arnold <seth.arnold at canonical.com>
-------------- next part --------------
Sorry, changesfile not available.

More information about the Lucid-changes mailing list