[Bug 1058277] Re: Sync condor 7.8.2~dfsg.1-1+deb7u1 (universe) from Debian unstable (main)
Logan Rosen
1058277 at bugs.launchpad.net
Fri Sep 28 19:03:30 UTC 2012
It took a while to build, so I am attaching a buildlog.
--
You received this bug notification because you are a member of Ubuntu
Sponsors Team, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1058277
Title:
Sync condor 7.8.2~dfsg.1-1+deb7u1 (universe) from Debian unstable
(main)
Status in “condor” package in Ubuntu:
New
Bug description:
Please sync condor 7.8.2~dfsg.1-1+deb7u1 (universe) from Debian
unstable (main)
Changelog entries since current quantal version 7.8.2~dfsg.1-1:
condor (7.8.2~dfsg.1-1+deb7u1) unstable; urgency=high
* Security update. This release addresses four CVE issues (Closes: #688210):
- Security Item: Some code that was no longer used was removed. The presence
of this code could expose information which would allow an attacker to
control another user's job. (CVE-2012-3493)
- Security Item: Some code that was no longer used was removed. The presence
of this code could have lead to a Denial-of-Service attack which would
allow an attacker to remove another user's idle job. (CVE-2012-3491)
- Security Item: Filesystem (FS) authentication was improved to check the
UNIX permissions of the directory used for authentication. Without this,
an attacker may have been able to impersonate another submitter on the
same submit machine. (CVE-2012-3492)
- Security item: Check setuid return value (CVE-2012-3490)
-- Michael Hanke <mih at debian.org> Wed, 26 Sep 2012 16:10:17 +0200
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/condor/+bug/1058277/+subscriptions
More information about the Ubuntu-sponsors
mailing list