[ubuntu/precise-security] python-keyring 0.9.2-0ubuntu0.12.04.2 (Accepted)
Marc Deslauriers
marc.deslauriers at canonical.com
Tue Nov 20 17:45:22 UTC 2012
python-keyring (0.9.2-0ubuntu0.12.04.2) precise-security; urgency=low
* SECURITY UPDATE: CryptedFileKeyring format is insecure (LP: #1004845)
- Rebuild python-keyring 0.9.2 from Ubuntu 12.10 as a security update
for Ubuntu 12.04.
- debian/patches/crypto_compat.patch: include PBKDF2() directly to be
compatible with the older version of python-crypto in Ubuntu 12.04.
- CVE-2012-4571
* SECURITY UPDATE: insecure default file permissions (LP: #1031465)
- debian/patches/file_permissions.patch: set appropriate permissions on
database directory.
- CVE number pending
* debian/patches/fix_migration.patch: fix migration code so old
databases get upgraded when a key is read. (LP: #1042754)
* debian/patches/fix_unlock.patch: fix unlocking an existing keyring.
Date: 2012-11-19 18:50:13.776573+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/precise/+source/python-keyring/0.9.2-0ubuntu0.12.04.2
-------------- next part --------------
Sorry, changesfile not available.
More information about the Precise-changes
mailing list