[ubuntu/maverick-security] gypsy 0.8-0ubuntu1.1 (Accepted)

Andreas Moog amoog at ubuntu.com
Wed Feb 15 16:04:11 UTC 2012 

gypsy (0.8-0ubuntu1.1) maverick-security; urgency=low

  * SECURITY UPDATE: "arbitrary file access and buffer overflows"
    A new config file, /etc/gypsy.conf, is added that specifies a whitelist
    of globs.  By default, they are "/dev/tty*",  "/dev/pgps", and "bluetooth"
    (which matches Bluetooth addresses).
    Thanks to Michael Leibowitz <michael.leibowitz at intel.com>
    CVE-2011-0523
  * SECURITY UPDATE: Prevent buffer overflows in NMEA parsing by using
    snprintf() instead of sprintf.
    Thanks to Bastien Nocera <hadess at hadess.net>
    CVE-2011-0524 (LP: #690323)
  * Run autoreconf to include changes to configure.ac

Date: Sat, 11 Feb 2012 16:02:45 +0100
Changed-By: Andreas Moog <amoog at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/maverick/+source/gypsy/0.8-0ubuntu1.1
-------------- next part --------------
Format: 1.8
Date: Sat, 11 Feb 2012 16:02:45 +0100
Source: gypsy
Binary: gypsy-daemon libgypsy0 libgypsy-dev libgypsy-doc
Architecture: source
Version: 0.8-0ubuntu1.1
Distribution: maverick-security
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Andreas Moog <amoog at ubuntu.com>
Description: 
 gypsy-daemon - A GPS Multiplexing Daemon
 libgypsy-dev - A GPS Multiplexing Daemon (Development Package)
 libgypsy-doc - A GPS Multiplexing Daemon (HTML API Docs)
 libgypsy0  - A GPS Multiplexing Daemon (Library Package)
Launchpad-Bugs-Fixed: 690323
Changes: 
 gypsy (0.8-0ubuntu1.1) maverick-security; urgency=low
 .
   * SECURITY UPDATE: "arbitrary file access and buffer overflows"
     A new config file, /etc/gypsy.conf, is added that specifies a whitelist
     of globs.  By default, they are "/dev/tty*",  "/dev/pgps", and "bluetooth"
     (which matches Bluetooth addresses).
     Thanks to Michael Leibowitz <michael.leibowitz at intel.com>
     CVE-2011-0523
   * SECURITY UPDATE: Prevent buffer overflows in NMEA parsing by using
     snprintf() instead of sprintf.
     Thanks to Bastien Nocera <hadess at hadess.net>
     CVE-2011-0524 (LP: #690323)
   * Run autoreconf to include changes to configure.ac
Checksums-Sha1: 
 6ec896de23d590b5edaa0d0ff83b3a6874956855 1840 gypsy_0.8-0ubuntu1.1.dsc
 b45f68629420cbe024af03e3fccae4495f8622ec 22537 gypsy_0.8-0ubuntu1.1.debian.tar.gz
Checksums-Sha256: 
 842a044006721d57c984caa4a274b20c42e8369596e9ceed97a5e5ea8054db11 1840 gypsy_0.8-0ubuntu1.1.dsc
 23011d005893e41611b9fe2d088ab36aa330e04d16d76835707d490f6466d396 22537 gypsy_0.8-0ubuntu1.1.debian.tar.gz
Files: 
 4e58fd8d8d77e29b8694ee36c42527ba 1840 utils optional gypsy_0.8-0ubuntu1.1.dsc
 45987fe5f3e3c152d6d2e712fa6a46fd 22537 utils optional gypsy_0.8-0ubuntu1.1.debian.tar.gz
Original-Maintainer: Linaro User Platforms <linaro-dev at lists.linaro.org>

More information about the Maverick-changes mailing list