[ubuntu-mono] [Bug 658997] Re: please update from 0.3.4-1 to 0.3.4-1.1 from Debian (unstable)
Stefan Ebner
sebner at ubuntu.com
Wed Nov 24 16:45:40 UTC 2010
Actually diff between 0.3.4-1 and 0.3.4-1.1ubuntu0.1
** Patch removed: "bareftp_0.3.4-1.1ubuntu0.1.debdiff"
https://bugs.launchpad.net/ubuntu/+source/bareftp/+bug/658997/+attachment/1743472/+files/bareftp_0.3.4-1.1ubuntu0.1.debdiff
** Patch added: "bareftp_0.3.4-1.1ubuntu01.debdiff"
https://bugs.launchpad.net/ubuntu/+source/bareftp/+bug/658997/+attachment/1743704/+files/bareftp_0.3.4-1.1ubuntu01.debdiff
--
please update from 0.3.4-1 to 0.3.4-1.1 from Debian (unstable)
https://bugs.launchpad.net/bugs/658997
You received this bug notification because you are a member of Ubuntu
CLI/Mono Uploaders, which is subscribed to bareftp in ubuntu.
Status in “bareftp” package in Ubuntu: Confirmed
Bug description:
Binary package hint: bareftp
There is a local exploit identified as release critical from Debian based on overriding LD_LIBRARY_PATH (http://bugs.debian.org/598284). We do not carry any patch for this package, and the only change from -1 to -1.1 is explicitly for this vulnerability. 0.3.4-1.1 does build on Maverick.
http://security-tracker.debian.org/tracker/CVE-2010-3350
More information about the Ubuntu-mono
mailing list