[ubuntu/natty-security] update-notifier_0.111ubuntu2.1_armel_translations.tar.gz, update-notifier_0.111ubuntu2.1_powerpc_translations.tar.gz, update-notifier_0.111ubuntu2.1_amd64_translations.tar.gz, update-notifier, update-notifier_0.111ubuntu2.1_i386_translations.tar.gz 0.111ubuntu2.1 (Accepted)

Marc Deslauriers marc.deslauriers at ubuntu.com
Mon Nov 28 16:04:02 UTC 2011 

update-notifier (0.111ubuntu2.1) natty-security; urgency=low

  * SECURITY UPDATE: hotfix for arbitrary code execution via directory
    traversal in update-manager on iso media (LP: #881548)
    - data/cddistupgrader: patch update-manager that is pulled off an
      upgrade cd.
    - debian/update-manager-downloader-fix2.diff: hotfix to verify
      signature before unpacking the tarball in
      UpdateManager/Core/DistUpgradeFetcherCore.py.
    - debian/update-notifier-common.*: ship new hotfix in package.
    - CVE-2011-3152

Date: Thu, 24 Nov 2011 12:57:39 -0500
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Michael Vogt <michael.vogt at ubuntu.com>
https://launchpad.net/ubuntu/natty/+source/update-notifier/0.111ubuntu2.1
-------------- next part --------------
Format: 1.8
Date: Thu, 24 Nov 2011 12:57:39 -0500
Source: update-notifier
Binary: update-notifier update-notifier-common
Architecture: source
Version: 0.111ubuntu2.1
Distribution: natty-security
Urgency: low
Maintainer: Michael Vogt <michael.vogt at ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description: 
 update-notifier - Daemon which notifies about package updates
 update-notifier-common - Files shared between update-notifier and other packages
Launchpad-Bugs-Fixed: 881548
Changes: 
 update-notifier (0.111ubuntu2.1) natty-security; urgency=low
 .
   * SECURITY UPDATE: hotfix for arbitrary code execution via directory
     traversal in update-manager on iso media (LP: #881548)
     - data/cddistupgrader: patch update-manager that is pulled off an
       upgrade cd.
     - debian/update-manager-downloader-fix2.diff: hotfix to verify
       signature before unpacking the tarball in
       UpdateManager/Core/DistUpgradeFetcherCore.py.
     - debian/update-notifier-common.*: ship new hotfix in package.
     - CVE-2011-3152
Checksums-Sha1: 
 1c223cc9878db65cf394f801c1601c915615561d 1707 update-notifier_0.111ubuntu2.1.dsc
 4bb94778c8d23b467cb3afb8a9fcefe252c7bf91 249084 update-notifier_0.111ubuntu2.1.tar.gz
Checksums-Sha256: 
 e4e730c10713df021ab95bbf3a0042409bb628a3eada2ed2066775675f6ef256 1707 update-notifier_0.111ubuntu2.1.dsc
 62b42d783b9b4e43e39ae744f7b36d40c34fdfd4f69b830e58de9cf72530123d 249084 update-notifier_0.111ubuntu2.1.tar.gz
Files: 
 8620905e89ebb925a84a90f0a9069e99 1707 gnome optional update-notifier_0.111ubuntu2.1.dsc
 a08ff88208a4bea1a6590ebd3ca9b085 249084 gnome optional update-notifier_0.111ubuntu2.1.tar.gz

More information about the Natty-changes mailing list