[ubuntu/oneiric-security] dist-upgrader_0.152.25.11_all.tar.gz, update-manager, update-manager_0.152.25.11_i386_translations.tar.gz, update-manager_0.152.25.11_armel_translations.tar.gz, update-manager_0.152.25.11_powerpc_translations.tar.gz, update-manager_0.152.25.11_amd64_translations.tar.gz 1:0.152.25.11 (Accepted)
Marc Deslauriers
marc.deslauriers at ubuntu.com
Thu May 17 18:34:35 UTC 2012
update-manager (1:0.152.25.11) oneiric-security; urgency=low
* SECURITY UPDATE: Incorrect permissions on system_state archive may
expose repo passwords (LP: #954483)
- DistUpgrade/DistUpgradeMain.py: create file with proper permissions.
- debian/update-manager-core.postinst: clean up permissions on existing
files.
- CVE-2012-0948
* SECURITY UPDATE: Apport hook may upload system_state archive containing
repo passwords (LP: #954483)
- debian/source_update-manager.py: don't upload system_state archives.
- CVE-2012-0949
Date: Tue, 15 May 2012 08:24:51 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Michael Vogt <michael.vogt at ubuntu.com>
https://launchpad.net/ubuntu/oneiric/+source/update-manager/1:0.152.25.11
-------------- next part --------------
Format: 1.8
Date: Tue, 15 May 2012 08:24:51 -0400
Source: update-manager
Binary: update-manager-core update-manager update-manager-text update-manager-kde auto-upgrade-tester
Architecture: source
Version: 1:0.152.25.11
Distribution: oneiric-security
Urgency: low
Maintainer: Michael Vogt <michael.vogt at ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description:
auto-upgrade-tester - Test release upgrades in a virtual environment
update-manager - GNOME application that manages apt updates
update-manager-core - manage release upgrades
update-manager-kde - Support modules for KPackageKit
update-manager-text - Text application that manages apt updates
Launchpad-Bugs-Fixed: 954483
Changes:
update-manager (1:0.152.25.11) oneiric-security; urgency=low
.
* SECURITY UPDATE: Incorrect permissions on system_state archive may
expose repo passwords (LP: #954483)
- DistUpgrade/DistUpgradeMain.py: create file with proper permissions.
- debian/update-manager-core.postinst: clean up permissions on existing
files.
- CVE-2012-0948
* SECURITY UPDATE: Apport hook may upload system_state archive containing
repo passwords (LP: #954483)
- debian/source_update-manager.py: don't upload system_state archives.
- CVE-2012-0949
Checksums-Sha1:
cd40a6babf3b0cb4de9cf11263411a6ee8e6149e 1769 update-manager_0.152.25.11.dsc
ffbf0d874b39d8ddacbaea20ff108ffc7dbdf21c 3240396 update-manager_0.152.25.11.tar.gz
Checksums-Sha256:
330dc845c0839eab3f15393b07cb98f37bbdf23604f0b680c09bfd2d1dd26b03 1769 update-manager_0.152.25.11.dsc
b19ca2461544b33003bbe81c344d6224ba256fba82db6884ee6e36d65cea1d26 3240396 update-manager_0.152.25.11.tar.gz
Files:
a754671cedd9490c4dc62e1c38e6dacb 1769 gnome optional update-manager_0.152.25.11.dsc
00435a657842ac3144b7f8385af990fc 3240396 gnome optional update-manager_0.152.25.11.tar.gz
More information about the Oneiric-changes
mailing list