[ubuntu-mono] [Bug 658997] Re: please update from 0.3.4-1 to 0.3.4-1.1 from Debian (unstable)
Jamie Strandboge
jamie at ubuntu.com
Thu Dec 16 21:24:47 UTC 2010
Natty has 0.3.7-1, which is not affected.
** Also affects: bareftp (Ubuntu Maverick)
Importance: Undecided
Status: New
** Also affects: bareftp (Ubuntu Lucid)
Importance: Undecided
Status: New
** Also affects: bareftp (Ubuntu Natty)
Importance: Low
Status: Confirmed
** Changed in: bareftp (Ubuntu Natty)
Status: Confirmed => Fix Released
** Changed in: bareftp (Ubuntu Lucid)
Status: New => In Progress
** Changed in: bareftp (Ubuntu Maverick)
Status: New => In Progress
--
You received this bug notification because you are a member of Ubuntu
CLI/Mono Uploaders, which is subscribed to bareftp in ubuntu.
https://bugs.launchpad.net/bugs/658997
Title:
please update from 0.3.4-1 to 0.3.4-1.1 from Debian (unstable)
Status in “bareftp” package in Ubuntu:
Fix Released
Status in “bareftp” source package in Lucid:
In Progress
Status in “bareftp” source package in Maverick:
In Progress
Status in “bareftp” source package in Natty:
Fix Released
Bug description:
Binary package hint: bareftp
There is a local exploit identified as release critical from Debian based on overriding LD_LIBRARY_PATH (http://bugs.debian.org/598284). We do not carry any patch for this package, and the only change from -1 to -1.1 is explicitly for this vulnerability. 0.3.4-1.1 does build on Maverick.
http://security-tracker.debian.org/tracker/CVE-2010-3350
More information about the Ubuntu-mono
mailing list