[ubuntu/natty-security] bcfg2 1.1.1-2ubuntu1.2 (Accepted)

Julian Taylor jtaylor.debian at googlemail.com
Fri Sep 9 03:03:19 UTC 2011 

bcfg2 (1.1.1-2ubuntu1.2) natty-security; urgency=high

  * SECURITY UPDATE: missing input sanitization allowing execution
    of arbitrary commands (LP: #844743)
    - patch: 0008-Backported-unescaped-shell-command-fixes-from-master.patch
      backported from upstream by Chris St. Pierre
    - https://github.com/fabaff/bcfg2/commit/46795ae451ca6ede55a0edeb726978aef4684b53
    - CVE-2011-3211

Date: Thu, 08 Sep 2011 14:53:11 +0200
Changed-By: Julian Taylor <jtaylor.debian at googlemail.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/natty/+source/bcfg2/1.1.1-2ubuntu1.2
-------------- next part --------------
Format: 1.8
Date: Thu, 08 Sep 2011 14:53:11 +0200
Source: bcfg2
Binary: bcfg2 bcfg2-server
Architecture: source
Version: 1.1.1-2ubuntu1.2
Distribution: natty-security
Urgency: high
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Julian Taylor <jtaylor.debian at googlemail.com>
Description: 
 bcfg2      - Configuration management client
 bcfg2-server - Configuration management server
Launchpad-Bugs-Fixed: 844743
Changes: 
 bcfg2 (1.1.1-2ubuntu1.2) natty-security; urgency=high
 .
   * SECURITY UPDATE: missing input sanitization allowing execution
     of arbitrary commands (LP: #844743)
     - patch: 0008-Backported-unescaped-shell-command-fixes-from-master.patch
       backported from upstream by Chris St. Pierre
     - https://github.com/fabaff/bcfg2/commit/46795ae451ca6ede55a0edeb726978aef4684b53
     - CVE-2011-3211
Checksums-Sha1: 
 67a01d39174836892506e1093d8d40e8220e5e1a 1826 bcfg2_1.1.1-2ubuntu1.2.dsc
 9d57c8da914db5c92321ffeb896055a7e6fe02f0 22507 bcfg2_1.1.1-2ubuntu1.2.debian.tar.gz
Checksums-Sha256: 
 9588f9a53abfd0b0e83a252605ee8ceb5ec971541f989c5f3a2e73549abfc2ac 1826 bcfg2_1.1.1-2ubuntu1.2.dsc
 cd49b49934d432e01258616059f0f1763fe371a6390636c528ed90be1983f8a6 22507 bcfg2_1.1.1-2ubuntu1.2.debian.tar.gz
Files: 
 ece5bda61022786663c4121ff3e1cc07 1826 admin optional bcfg2_1.1.1-2ubuntu1.2.dsc
 e3d278b1d0f94d7a2f490229a51b3f6e 22507 admin optional bcfg2_1.1.1-2ubuntu1.2.debian.tar.gz
Original-Maintainer: Arto Jantunen <viiru at debian.org>

More information about the Natty-changes mailing list