[Bug 1058277] [NEW] Sync condor 7.8.2~dfsg.1-1+deb7u1 (universe) from Debian unstable (main)
Launchpad Bug Tracker
1058277 at bugs.launchpad.net
Fri Sep 28 19:03:06 UTC 2012
You have been subscribed to a public bug by Logan Rosen (logan):
Please sync condor 7.8.2~dfsg.1-1+deb7u1 (universe) from Debian unstable
(main)
Changelog entries since current quantal version 7.8.2~dfsg.1-1:
condor (7.8.2~dfsg.1-1+deb7u1) unstable; urgency=high
* Security update. This release addresses four CVE issues (Closes: #688210):
- Security Item: Some code that was no longer used was removed. The presence
of this code could expose information which would allow an attacker to
control another user's job. (CVE-2012-3493)
- Security Item: Some code that was no longer used was removed. The presence
of this code could have lead to a Denial-of-Service attack which would
allow an attacker to remove another user's idle job. (CVE-2012-3491)
- Security Item: Filesystem (FS) authentication was improved to check the
UNIX permissions of the directory used for authentication. Without this,
an attacker may have been able to impersonate another submitter on the
same submit machine. (CVE-2012-3492)
- Security item: Check setuid return value (CVE-2012-3490)
-- Michael Hanke <mih at debian.org> Wed, 26 Sep 2012 16:10:17 +0200
** Affects: condor (Ubuntu)
Importance: Undecided
Status: New
--
Sync condor 7.8.2~dfsg.1-1+deb7u1 (universe) from Debian unstable (main)
https://bugs.launchpad.net/bugs/1058277
You received this bug notification because you are a member of Ubuntu Sponsors Team, which is subscribed to the bug report.
More information about the Ubuntu-sponsors
mailing list