[ubuntu/precise-security] bzr 2.5.1-0ubuntu2.1 (Accepted)
Steve Langasek
steve.langasek at canonical.com
Mon May 3 12:46:27 UTC 2021
bzr (2.5.1-0ubuntu2.1) precise-security; urgency=medium
* SECURITY UPDATE: Possible arbitrary code execution on clients
through malicious bzr+ssh URLs
- debian/patches/24_ssh_hostnames-lp1710979.patch: ensure that host
arguments to ssh cannot be treated as ssh options.
- debian/patches/fixing_test_fail.patch: test fails for
test_smart_transport.py this patch comment the offended line out.
- LP: #1710979
- CVE-2017-14176
Date: 2017-10-19 17:43:30.704361+00:00
Changed-By: leo.barbosa at canonical.com (Leonidas S. Barbosa)
Signed-By: Steve Langasek <steve.langasek at canonical.com>
https://launchpad.net/ubuntu/+source/bzr/2.5.1-0ubuntu2.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the Precise-changes
mailing list