[Bug 403113] Re: Fsniper doesn't safely check file names.
Launchpad Bug Tracker
403113 at bugs.launchpad.net
Wed Aug 5 15:49:31 BST 2009
This bug was fixed in the package fsniper - 1.3.1-0ubuntu1.1
---------------
fsniper (1.3.1-0ubuntu1.1) jaunty-security; urgency=low
* SECURITY UPDATE: Permissions of PID file are set on current
umask rather than 600. (LP: #403116)
- debian/patches/pid_file_permissons_to_600.patch: adjust
src/main.c to set permissions of PID to 600. Based on
upstream patch.
* SECURITY UPDATE: Quotation marks not safely checked in
filenames. (LP: #403113)
- debian/patches/singlequote_doublequote_issue.patch:
adjust src/handle_event.c to include checking for both
single and double quotation marks. Based on upstream
patch.
* Added quilt support to manage patches.
* Bumped Debian package Standards-Version to 3.8.2
-- Dave Walker (Daviey) <DaveWalker at ubuntu.com> Fri, 24 Jul 2009
21:59:07 +0100
** Changed in: fsniper (Ubuntu Jaunty)
Status: Fix Committed => Fix Released
--
Fsniper doesn't safely check file names.
https://bugs.launchpad.net/bugs/403113
You received this bug notification because you are a member of Ubuntu
Sponsors for universe, which is a direct subscriber.
More information about the Ubuntu-universe-sponsors
mailing list