[ubuntu/precise-security] rhythmbox_2.96-0ubuntu4.1_armel_translations.tar.gz, rhythmbox_2.96-0ubuntu4.1_static_translations.tar.gz, rhythmbox_2.96-0ubuntu4.1_i386_translations.tar.gz, rhythmbox_2.96-0ubuntu4.1_powerpc_translations.tar.gz, rhythmbox, rhythmbox_2.96-0ubuntu4.1_armhf_translations.tar.gz, rhythmbox_2.96-0ubuntu4.1_amd64_translations.tar.gz 2.96-0ubuntu4.1 (Accepted)

[Jamie Strandboge]

rhythmbox (2.96-0ubuntu4.1) precise-security; urgency=low

  * SECURITY UPDATE: fix insecure directory for python module import in
    context plugin
    - debian/patches/CVE-2012-3355.patch: update context plugin to use
      tempfile.mkdtemp() instead of /tmp/context. Patch thanks to
      Andreas Henriksson.
    - CVE-2012-3355

Date: Mon, 09 Jul 2012 10:55:18 -0500
Changed-By: Jamie Strandboge <ja...@ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-disc...@lists.ubuntu.com>
https://launchpad.net/ubuntu/precise/+source/rhythmbox/2.96-0ubuntu4.1

Format: 1.8
Date: Mon, 09 Jul 2012 10:55:18 -0500
Source: rhythmbox
Binary: rhythmbox rhythmbox-data rhythmbox-dbg rhythmbox-plugins 
rhythmbox-plugin-cdrecorder rhythmbox-plugin-magnatune 
rhythmbox-plugin-zeitgeist rhythmbox-mozilla librhythmbox-core5 rhythmbox-dev 
rhythmbox-doc gir1.2-rb-3.0
Architecture: source
Version: 2.96-0ubuntu4.1
Distribution: precise-security
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-disc...@lists.ubuntu.com>
Changed-By: Jamie Strandboge <ja...@ubuntu.com>
Description: 
 gir1.2-rb-3.0 - GObject introspection data for the rhythmbox music player
 librhythmbox-core5 - support library for the rhythmbox music player
 rhythmbox  - music player and organizer for GNOME
 rhythmbox-data - data files for rhythmbox
 rhythmbox-dbg - debugging symbols for rhythmbox
 rhythmbox-dev - development files for the rhythmbox music player
 rhythmbox-doc - documentation files for the rhythmbox music player
 rhythmbox-mozilla - Rhythmbox Mozilla plugin
 rhythmbox-plugin-cdrecorder - burning plugin for rhythmbox music player
 rhythmbox-plugin-magnatune - Magnatune plugin for rhythmbox music player
 rhythmbox-plugin-zeitgeist - zeitgeist plugin for rhythmbox music player
 rhythmbox-plugins - plugins for rhythmbox music player
Changes: 
 rhythmbox (2.96-0ubuntu4.1) precise-security; urgency=low
 .
   * SECURITY UPDATE: fix insecure directory for python module import in
     context plugin
     - debian/patches/CVE-2012-3355.patch: update context plugin to use
       tempfile.mkdtemp() instead of /tmp/context. Patch thanks to
       Andreas Henriksson.
     - CVE-2012-3355
Checksums-Sha1: 
 17d0d9965c9b3c7ec00b18e61c59293cb3cddb19 4128 rhythmbox_2.96-0ubuntu4.1.dsc
 7b6866a95b9e6b6c4ab0f283d46beed97e771679 46199 
rhythmbox_2.96-0ubuntu4.1.debian.tar.gz
Checksums-Sha256: 
 ae72d37d43fc0cbfe92afd42872c4af225caa47fd2181c4bd97f3ccdc0262423 4128 
rhythmbox_2.96-0ubuntu4.1.dsc
 2604efaac40eb1af03d793457e1060e97674b166fef825e99380419087aa2d2a 46199 
rhythmbox_2.96-0ubuntu4.1.debian.tar.gz
Files: 
 e7e0a367ea66f9fa21488e23f849551b 4128 gnome optional 
rhythmbox_2.96-0ubuntu4.1.dsc
 691f76dc4d289b5575d843a547fdb24a 46199 gnome optional 
rhythmbox_2.96-0ubuntu4.1.debian.tar.gz
Original-Maintainer: Debian GNOME Maintainers 
<pkg-gnome-maintain...@lists.alioth.debian.org>

-- 
Precise-changes mailing list
Precise-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/precise-changes