[ubuntu/precise-security] dpkg 1.16.1.2ubuntu7.7 (Accepted)

[Marc Deslauriers]

dpkg (1.16.1.2ubuntu7.7) precise-security; urgency=medium

  * SECURITY UPDATE: multiple security issues
    - dpkg-deb/extract.c: Fix off-by-one write access on versionbuf
      variable.
    - dpkg-deb/extract.c: Fix off-by-one write access on ctrllenbuf
      variable. (CVE-2015-0860)
    - lib/dpkg/ar.c: Fix an off-by-one read access in ar member name
      variable.
    - Thanks to Guillem Jover and Hanno Böck for the patches!

Date: 2015-11-26 13:15:15.289561+00:00
Changed-By: Marc Deslauriers <marc.deslauri...@canonical.com>
https://launchpad.net/ubuntu/+source/dpkg/1.16.1.2ubuntu7.7

Sorry, changesfile not available.
-- 
Precise-changes mailing list
Precise-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/precise-changes