[ubuntu/maverick-security] vdr_1.6.0-18ubuntu1.1_powerpc_translations.tar.gz, vdr_1.6.0-18ubuntu1.1_i386_translations.tar.gz, vdr_1.6.0-18ubuntu1.1_armel_translations.tar.gz, vdr, vdr_1.6.0-18ubuntu1.1_amd64_translations.tar.gz 1.6.0-18ubuntu1.1 (Accepted)
Zubin Mithra
zubin.mithra at gmail.com
Wed Feb 15 05:34:09 UTC 2012
vdr (1.6.0-18ubuntu1.1) maverick-security; urgency=low
* SECURITY UPDATE: vdrleaktest in Video Disk Recorder (VDR) 1.6.0 places a
zero-length directory name in the LD_LIBRARY_PATH, which allows local users
to gain privileges via a Trojan horse shared library in the current working
directory. (LP: #930700)
- http://bazaar.launchpad.net/~ubuntu-branches/ubuntu/natty/vdr/natty/revision/24#debian/vdrleaktest
and
http://bazaar.launchpad.net/~ubuntu-branches/ubuntu/natty/vdr/natty/revision/25#debian/vdrleaktest
- debian/vdrtestleak: changed to set LD_LIBRARY_PATH securely
- CVE-2010-3387
Date: Tue, 14 Feb 2012 10:38:34 -0800
Changed-By: Zubin Mithra <zubin.mithra at gmail.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/maverick/+source/vdr/1.6.0-18ubuntu1.1
-------------- next part --------------
Format: 1.8
Date: Tue, 14 Feb 2012 10:38:34 -0800
Source: vdr
Binary: vdr vdr-dev vdr-dbg vdr-plugin-sky vdr-plugin-examples
Architecture: source
Version: 1.6.0-18ubuntu1.1
Distribution: maverick-security
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Zubin Mithra <zubin.mithra at gmail.com>
Description:
vdr - Video Disk Recorder for DVB cards
vdr-dbg - Debuggable version of the VDR Video Disk Recorder
vdr-dev - Video Disk Recorder for DVB cards
vdr-plugin-examples - Plugins for vdr to show some possible features
vdr-plugin-sky - Plugin for using a Sky Digibox with vdr
Launchpad-Bugs-Fixed: 930700
Changes:
vdr (1.6.0-18ubuntu1.1) maverick-security; urgency=low
.
* SECURITY UPDATE: vdrleaktest in Video Disk Recorder (VDR) 1.6.0 places a
zero-length directory name in the LD_LIBRARY_PATH, which allows local users
to gain privileges via a Trojan horse shared library in the current working
directory. (LP: #930700)
- http://bazaar.launchpad.net/~ubuntu-branches/ubuntu/natty/vdr/natty/revision/24#debian/vdrleaktest
and
http://bazaar.launchpad.net/~ubuntu-branches/ubuntu/natty/vdr/natty/revision/25#debian/vdrleaktest
- debian/vdrtestleak: changed to set LD_LIBRARY_PATH securely
- CVE-2010-3387
Checksums-Sha1:
e58339c765addf1b4a23059079806b8683e4b06a 2173 vdr_1.6.0-18ubuntu1.1.dsc
514de9abc4883cddbaf75957e1eac67f4f967450 149496 vdr_1.6.0-18ubuntu1.1.diff.gz
Checksums-Sha256:
5738845d58b8b30392813fb6cda183096aa69ce14aed2d2de306d738e8a4ba2c 2173 vdr_1.6.0-18ubuntu1.1.dsc
73c45be01d506959fc60140d52bdeb9517c37db937e501d8462500eb31d4cb34 149496 vdr_1.6.0-18ubuntu1.1.diff.gz
Files:
126c3be97424a3655ab844b8f5caeb36 2173 video extra vdr_1.6.0-18ubuntu1.1.dsc
3f445c580e63d03cc9d275298f6d405d 149496 video extra vdr_1.6.0-18ubuntu1.1.diff.gz
Original-Maintainer: Debian VDR Team <pkg-vdr-dvb-devel at lists.alioth.debian.org>
More information about the Maverick-changes
mailing list