[ubuntu/vivid-updates] dpkg 1.17.25ubuntu1.1 (Accepted)
Ubuntu Archive Robot
cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk
Thu Nov 26 19:28:18 UTC 2015
dpkg (1.17.25ubuntu1.1) vivid-security; urgency=medium
* SECURITY UPDATE: multiple security issues
- dpkg-deb/extract.c: Fix off-by-one write access on versionbuf
variable.
- dpkg-deb/extract.c: Fix off-by-one write access on ctrllenbuf
variable. (CVE-2015-0860)
- lib/dpkg/ar.c: Fix an off-by-one read access in ar member name
variable.
- Thanks to Guillem Jover and Hanno Böck for the patches!
Date: 2015-11-26 13:18:17.835740+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
Signed-By: Ubuntu Archive Robot <cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk>
https://launchpad.net/ubuntu/+source/dpkg/1.17.25ubuntu1.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the Vivid-changes
mailing list