[ubuntu/natty-security] radvd 1:1.7-1ubuntu0.1 (Accepted)
Marc Deslauriers
marc.deslauriers at ubuntu.com
Thu Nov 10 17:03:31 UTC 2011
radvd (1:1.7-1ubuntu0.1) natty-security; urgency=low
* SECURITY UPDATE: privilege escalation via buffer overflow in
ND_OPT_DNSSL_INFORMATION option parsing
- debian/patches/CVE-2011-3601.patch: don't overflow int in process.c.
- CVE-2011-3601
* SECURITY UPDATE: arbitrary file overwrite via interface name
- debian/patches/CVE-2011-3602.patch: check for path traversal in
device-linux.c.
- CVE-2011-3602
* SECURITY UPDATE: incorrect privilege dropping handling
- debian/patches/CVE-2011-3603.patch: fail on errors in
privsep-linux.c, radvd.c.
- CVE-2011-3603
* SECURITY UPDATE: denial or service via buffer overreads
- debian/patches/CVE-2011-3604.patch: properly check length in
process.c.
- CVE-2011-3604
* SECURITY UPDATE: temporary denial of service via delay
- debian/patches/CVE-2011-3605.patch: remove delay in process.c.
- CVE-2011-3605
Date: Wed, 12 Oct 2011 09:46:52 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/natty/+source/radvd/1:1.7-1ubuntu0.1
-------------- next part --------------
Format: 1.8
Date: Wed, 12 Oct 2011 09:46:52 -0400
Source: radvd
Binary: radvd
Architecture: source
Version: 1:1.7-1ubuntu0.1
Distribution: natty-security
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description:
radvd - Router Advertisement Daemon
Changes:
radvd (1:1.7-1ubuntu0.1) natty-security; urgency=low
.
* SECURITY UPDATE: privilege escalation via buffer overflow in
ND_OPT_DNSSL_INFORMATION option parsing
- debian/patches/CVE-2011-3601.patch: don't overflow int in process.c.
- CVE-2011-3601
* SECURITY UPDATE: arbitrary file overwrite via interface name
- debian/patches/CVE-2011-3602.patch: check for path traversal in
device-linux.c.
- CVE-2011-3602
* SECURITY UPDATE: incorrect privilege dropping handling
- debian/patches/CVE-2011-3603.patch: fail on errors in
privsep-linux.c, radvd.c.
- CVE-2011-3603
* SECURITY UPDATE: denial or service via buffer overreads
- debian/patches/CVE-2011-3604.patch: properly check length in
process.c.
- CVE-2011-3604
* SECURITY UPDATE: temporary denial of service via delay
- debian/patches/CVE-2011-3605.patch: remove delay in process.c.
- CVE-2011-3605
Checksums-Sha1:
27745de935378c1b0f84f6d066717c20e87b9176 1700 radvd_1.7-1ubuntu0.1.dsc
d58f05f9b12294fcb19edfa410b63ba0f4de4368 10008 radvd_1.7-1ubuntu0.1.diff.gz
Checksums-Sha256:
50261198e1b634133d57af7b3cd97c59e5d0dca202b9b318b807c8276653c45a 1700 radvd_1.7-1ubuntu0.1.dsc
91a7e6d22c4de9604a36fed2ec98df42e1e844496a1806dc501af2057e30e3ab 10008 radvd_1.7-1ubuntu0.1.diff.gz
Files:
34c8c256b68ec82c73ab96f372c88854 1700 net optional radvd_1.7-1ubuntu0.1.dsc
2dd4aa4416c90dafc5bc4a7b459e82df 10008 net optional radvd_1.7-1ubuntu0.1.diff.gz
Original-Maintainer: Ghe Rivero <ghe at debian.org>
More information about the Natty-changes
mailing list