[ubuntu/precise-security] maas 1.2+bzr1373+dfsg-0ubuntu1~12.04.4 (Accepted)

Seth Arnold seth.arnold at canonical.com
Thu Nov 7 02:13:48 UTC 2013

maas (1.2+bzr1373+dfsg-0ubuntu1~12.04.4) precise-security; urgency=low

  * SECURITY UPDATE: failure to authenticate downloaded content (LP: #1039513)
    - debian/patches/CVE-2013-1058.patch: Authenticate downloaded files with
      GnuPG and MD5SUM files. Thanks to Julian Edwards.
    - CVE-2013-1058
  * SECURITY UPDATE: configuration options may be loaded from current working
    directory (LP: #1158425)
    - debian/patches/CVE-2013-1057-1-2.patch: Do not load configuration
      options from the current working directory. Thanks to Julian Edwards.
    - CVE-2013-1057

Date: 2013-11-02 06:08:12.996218+00:00
Changed-By: Seth Arnold <seth.arnold at canonical.com>
-------------- next part --------------
Sorry, changesfile not available.

More information about the Precise-changes mailing list