Accepted: wml, wml, wml, wml, wml, wml, wml 2.0.8-11ubuntu0.6.06 (source, amd64, hppa, i386, ia64, powerpc, sparc)

Fri, 14 Mar 2008 13:56:09 -0700 

Accepted:
 OK: wml_2.0.8.orig.tar.gz
 OK: wml_2.0.8-11ubuntu0.6.06.diff.gz
 OK: wml_2.0.8-11ubuntu0.6.06.dsc
     -> Component: universe Section: web
 OK: wml_2.0.8-11ubuntu0.6.06_amd64.deb
 OK: wml_2.0.8-11ubuntu0.6.06_hppa.deb
 OK: wml_2.0.8-11ubuntu0.6.06_i386.deb
 OK: wml_2.0.8-11ubuntu0.6.06_ia64.deb
 OK: wml_2.0.8-11ubuntu0.6.06_powerpc.deb
 OK: wml_2.0.8-11ubuntu0.6.06_sparc.deb

Format: 1.7
Date: Mon, 10 Mar 2008 17:49:38 +0100
Source: wml
Binary: wml
Architecture: amd64 hppa i386 ia64 powerpc source sparc
Version: 2.0.8-11ubuntu0.6.06
Distribution: dapper-security
Urgency: low
Maintainer: Denis Barbier <[EMAIL PROTECTED]>
Changed-By: Emanuele Gentili <[EMAIL PROTECTED]>
Description:
 wml        - off-line HTML generation toolkit
Changes:
 wml (2.0.8-11ubuntu0.6.06) dapper-security; urgency=low
 .
   * SECURITY UPDATE: (LP: #191205)
 .
    + wml_backend/p1_ipp/ipp.src (CVE-2008-0665)
     - in Website META Language (WML) 2.0.11 allows local
       users to overwrite arbitrary files via a symlink attack on the ipp.$$.tmp
       temporary file.
    + wlm_backend/p3_eperl/eperl_sys.c wml_contrib/wmg.cgi (CVE-2008-0666)
     - Website META Language (WML) 2.0.11 allows local users to overwrite 
arbitrary
       files via a symlink attack on (1) the /tmp/pe.tmp.$$ temporary file used 
by
       wml_contrib/wmg.cgi and (2) temporary files used by
       wml_backend/p3_eperl/eperl_sys.c.
 .
   * References
    + http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2008-0665
    + http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2008-0666
    + http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=463907
Files:
 cbf0a3ec40460351ff8993005dbef984 529870 web optional 
wml_2.0.8-11ubuntu0.6.06_amd64.deb
 9e35ae993c9376daa81f2304e4ccdaf2 532196 web optional 
wml_2.0.8-11ubuntu0.6.06_hppa.deb
 5cfae134f1d4108bd395fe17322f3bbe 528528 web optional 
wml_2.0.8-11ubuntu0.6.06_i386.deb
 8807ba3efc7a16f3e7d7e7dcae442589 535444 web optional 
wml_2.0.8-11ubuntu0.6.06_ia64.deb
 4cdb89d0ef5645b77c4e72e59717d406 530834 web optional 
wml_2.0.8-11ubuntu0.6.06_powerpc.deb
 a585dcc29707663be19152e735c285f3 604 web optional wml_2.0.8-11ubuntu0.6.06.dsc
 2920c0c3b0ead768605dd2008a0bf81a 26521 web optional 
wml_2.0.8-11ubuntu0.6.06.diff.gz
 3eacb254ed99a6ea2c64a466a8433544 529040 web optional 
wml_2.0.8-11ubuntu0.6.06_sparc.deb



-- 
dapper-changes mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/dapper-changes

Reply via email to