[Bug 1051391] Re: Sync mcrypt 2.6.8-1.1 (universe) from Debian unstable (main)
Felix Geyer
debfx-pkg at fobos.de
Sun Sep 16 09:35:42 UTC 2012
This bug was fixed in the package mcrypt - 2.6.8-1.2
Sponsored for Logan Rosen (logan)
---------------
mcrypt (2.6.8-1.2) unstable; urgency=high
* Non-maintainer upload by the Security Team.
* Fix three other buffer overflows in check_file_head.
* Fix use of uninitialized data when no salt is used.
* Enable hardening flags.
-- Raphael Geissert <geissert at debian.org> Sat, 15 Sep 2012 13:40:02
-0500
mcrypt (2.6.8-1.1) unstable; urgency=high
* Non-maintainer upload by the Security Team.
* CVE-2012-4409: buffer overflow when decrypting a file with a too
long salt.
* No id: format-string attacks via file name arguments and possibly
others.
-- Raphael Geissert <geissert at debian.org> Thu, 06 Sep 2012 15:38:44
-0500
** Changed in: mcrypt (Ubuntu)
Status: New => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Sponsors Team, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1051391
Title:
Sync mcrypt 2.6.8-1.1 (universe) from Debian unstable (main)
Status in “mcrypt” package in Ubuntu:
Fix Released
Bug description:
Please sync mcrypt 2.6.8-1.1 (universe) from Debian unstable (main)
Changelog entries since current quantal version 2.6.8-1:
mcrypt (2.6.8-1.1) unstable; urgency=high
* Non-maintainer upload by the Security Team.
* CVE-2012-4409: buffer overflow when decrypting a file with a too
long salt.
* No id: format-string attacks via file name arguments and possibly
others.
-- Raphael Geissert <geissert at debian.org> Thu, 06 Sep 2012 15:38:44
-0500
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/mcrypt/+bug/1051391/+subscriptions
More information about the Ubuntu-sponsors
mailing list