[ubuntu/lucid-security] coreutils 7.4-2ubuntu3.1 (Accepted)
Seth Arnold
seth.arnold at canonical.com
Wed Jan 14 21:01:25 UTC 2015
coreutils (7.4-2ubuntu3.1) lucid-security; urgency=medium
* SECURITY UPDATE: infinite loop or crash in TZ environment variable
handling.
- debian/patches/CVE-2014-9471.dpatch: modify lib/getdate.y and
tests/misc/date to avoid crashing with malformed TZ
- CVE-2014-9471
* SECURITY UPDATE: local privilege escalation via /tmp file race in
dist-check.mk
- debian/patches/CVE-2009-4135.dpatch: modify dist-check.mk to no longer
use system /tmp directory for predictable names
- CVE-2009-4135
Date: 2015-01-14 03:39:11.849833+00:00
Changed-By: Seth Arnold <seth.arnold at canonical.com>
https://launchpad.net/ubuntu/+source/coreutils/7.4-2ubuntu3.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the Lucid-changes
mailing list