[ubuntu/vivid-security] dpkg 1.17.25ubuntu1.1 (Accepted)
Marc Deslauriers
marc.deslauriers at canonical.com
Thu Nov 26 18:26:51 UTC 2015
dpkg (1.17.25ubuntu1.1) vivid-security; urgency=medium
* SECURITY UPDATE: multiple security issues
- dpkg-deb/extract.c: Fix off-by-one write access on versionbuf
variable.
- dpkg-deb/extract.c: Fix off-by-one write access on ctrllenbuf
variable. (CVE-2015-0860)
- lib/dpkg/ar.c: Fix an off-by-one read access in ar member name
variable.
- Thanks to Guillem Jover and Hanno Böck for the patches!
Date: 2015-11-26 13:18:17.835740+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/dpkg/1.17.25ubuntu1.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the Vivid-changes
mailing list