[ubuntu/maverick] opie 2.40~dfsg-0ubuntu2 (Accepted)

Marc Deslauriers marc.deslauriers at ubuntu.com
Thu Jun 17 15:40:18 BST 2010


opie (2.40~dfsg-0ubuntu2) maverick; urgency=low

  * SECURITY UPDATE: denial of service via off-by-one
    - libopie/readrec.c: use strncpy so we don't overflow principal.
    - http://security.freebsd.org/patches/SA-10:05/opie.patch
    - CVE-2010-1938
  * libopie/newseed.c: fix snprintf's length argument so opiepasswd will
    generate valid seeds. (LP: #569292)

Date: Thu, 17 Jun 2010 10:30:54 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Signed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/maverick/+source/opie/2.40~dfsg-0ubuntu2
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Thu, 17 Jun 2010 10:30:54 -0400
Source: opie
Binary: opie-client opie-server libopie-dev
Architecture: source
Version: 2.40~dfsg-0ubuntu2
Distribution: maverick
Urgency: low
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description: 
 libopie-dev - OPIE library development files.
 opie-client - OPIE programs for generating OTPs on client machines
 opie-server - OPIE programs for maintaining an OTP key file
Launchpad-Bugs-Fixed: 569292
Changes: 
 opie (2.40~dfsg-0ubuntu2) maverick; urgency=low
 .
   * SECURITY UPDATE: denial of service via off-by-one
     - libopie/readrec.c: use strncpy so we don't overflow principal.
     - http://security.freebsd.org/patches/SA-10:05/opie.patch
     - CVE-2010-1938
   * libopie/newseed.c: fix snprintf's length argument so opiepasswd will
     generate valid seeds. (LP: #569292)
Checksums-Sha1: 
 c8350a4e811a35602880ef9c79f3ab57d4aade1f 1111 opie_2.40~dfsg-0ubuntu2.dsc
 21a73acc55e52ef73e16e6057bfacb22ec162510 9398 opie_2.40~dfsg-0ubuntu2.diff.gz
Checksums-Sha256: 
 bd488760ba6aa072413350e659ef7728d28013c633696249b6f85262ab85af5a 1111 opie_2.40~dfsg-0ubuntu2.dsc
 e9168a74e08fc0fd1383dd9424e822bac9a1f662452d096ac7c0d06085e171f8 9398 opie_2.40~dfsg-0ubuntu2.diff.gz
Files: 
 f5f4a6c9cccd1771ee0d5e660b4923ca 1111 admin optional opie_2.40~dfsg-0ubuntu2.dsc
 ad83cd06322831ff56f204c289a609f5 9398 admin optional opie_2.40~dfsg-0ubuntu2.diff.gz
Original-Maintainer: Michael Stone <mstone at debian.org>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iEYEARECAAYFAkwaMvoACgkQLMAs/0C4zNoU1gCgpBlEYK/o+2HfWFV7QZb/a0pm
iJEAniC2XGMKtGcsezPknNCHKwWSX9nY
=1rCD
-----END PGP SIGNATURE-----


More information about the Maverick-changes mailing list