[Bug 433065] [NEW] Please sync changetrack 4.5-2 (universe) from Debian unstable (main).
Bhavani Shankar
right2bhavi at gmail.com
Sat Sep 19 14:59:41 BST 2009
Public bug reported:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
affects ubuntu/changetrack
status new
importance wishlist
subscribe ubuntu-universe-sponsors
Please sync changetrack 4.5-2 (universe) from Debian unstable (main).
Please sync the package from debian as it fixes a potential CVE bug.
Changelog since current karmic version 4.5-1:
changetrack (4.5-2) unstable; urgency=low
* [reject-weird-filenames.diff] Fix possible local exploit by rejecting
filenames with unsafe characters (cf. CVE-2009-3233). Thanks to Marek
Grzybowski and Andrzej Lemieszek.
(Closes: #546791)
-- Jens Peter Secher <jps at debian.org> Thu, 17 Sep 2009 22:32:43 +0200
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFKtOPLL+KnYRaooWIRAqZ2AJ43IgtvJSdNCYJ9q8S1+WaDZSwDAACeOvDm
783aMwBIxn9SZ+2LyIGfwZg=
=FizW
-----END PGP SIGNATURE-----
** Affects: changetrack (Ubuntu)
Importance: Wishlist
Status: New
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2009-3233
--
Please sync changetrack 4.5-2 (universe) from Debian unstable (main).
https://bugs.launchpad.net/bugs/433065
You received this bug notification because you are a member of Ubuntu
Sponsors for universe, which is a direct subscriber.
More information about the Ubuntu-universe-sponsors
mailing list