[ubuntu/maverick-security] gypsy 0.8-0ubuntu1.1 (Accepted)
Andreas Moog
amoog at ubuntu.com
Wed Feb 15 16:04:11 UTC 2012
gypsy (0.8-0ubuntu1.1) maverick-security; urgency=low
* SECURITY UPDATE: "arbitrary file access and buffer overflows"
A new config file, /etc/gypsy.conf, is added that specifies a whitelist
of globs. By default, they are "/dev/tty*", "/dev/pgps", and "bluetooth"
(which matches Bluetooth addresses).
Thanks to Michael Leibowitz <michael.leibowitz at intel.com>
CVE-2011-0523
* SECURITY UPDATE: Prevent buffer overflows in NMEA parsing by using
snprintf() instead of sprintf.
Thanks to Bastien Nocera <hadess at hadess.net>
CVE-2011-0524 (LP: #690323)
* Run autoreconf to include changes to configure.ac
Date: Sat, 11 Feb 2012 16:02:45 +0100
Changed-By: Andreas Moog <amoog at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/maverick/+source/gypsy/0.8-0ubuntu1.1
-------------- next part --------------
Format: 1.8
Date: Sat, 11 Feb 2012 16:02:45 +0100
Source: gypsy
Binary: gypsy-daemon libgypsy0 libgypsy-dev libgypsy-doc
Architecture: source
Version: 0.8-0ubuntu1.1
Distribution: maverick-security
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Andreas Moog <amoog at ubuntu.com>
Description:
gypsy-daemon - A GPS Multiplexing Daemon
libgypsy-dev - A GPS Multiplexing Daemon (Development Package)
libgypsy-doc - A GPS Multiplexing Daemon (HTML API Docs)
libgypsy0 - A GPS Multiplexing Daemon (Library Package)
Launchpad-Bugs-Fixed: 690323
Changes:
gypsy (0.8-0ubuntu1.1) maverick-security; urgency=low
.
* SECURITY UPDATE: "arbitrary file access and buffer overflows"
A new config file, /etc/gypsy.conf, is added that specifies a whitelist
of globs. By default, they are "/dev/tty*", "/dev/pgps", and "bluetooth"
(which matches Bluetooth addresses).
Thanks to Michael Leibowitz <michael.leibowitz at intel.com>
CVE-2011-0523
* SECURITY UPDATE: Prevent buffer overflows in NMEA parsing by using
snprintf() instead of sprintf.
Thanks to Bastien Nocera <hadess at hadess.net>
CVE-2011-0524 (LP: #690323)
* Run autoreconf to include changes to configure.ac
Checksums-Sha1:
6ec896de23d590b5edaa0d0ff83b3a6874956855 1840 gypsy_0.8-0ubuntu1.1.dsc
b45f68629420cbe024af03e3fccae4495f8622ec 22537 gypsy_0.8-0ubuntu1.1.debian.tar.gz
Checksums-Sha256:
842a044006721d57c984caa4a274b20c42e8369596e9ceed97a5e5ea8054db11 1840 gypsy_0.8-0ubuntu1.1.dsc
23011d005893e41611b9fe2d088ab36aa330e04d16d76835707d490f6466d396 22537 gypsy_0.8-0ubuntu1.1.debian.tar.gz
Files:
4e58fd8d8d77e29b8694ee36c42527ba 1840 utils optional gypsy_0.8-0ubuntu1.1.dsc
45987fe5f3e3c152d6d2e712fa6a46fd 22537 utils optional gypsy_0.8-0ubuntu1.1.debian.tar.gz
Original-Maintainer: Linaro User Platforms <linaro-dev at lists.linaro.org>
More information about the Maverick-changes
mailing list