bzr (2.5.1-0ubuntu2.1) precise-security; urgency=medium
* SECURITY UPDATE: Possible arbitrary code execution on clients
through malicious bzr+ssh URLs
- debian/patches/24_ssh_hostnames-lp1710979.patch: ensure that host
arguments to ssh cannot be treated as ssh options.
- debian/patches/fixing_test_fail.patch: test fails for
test_smart_transport.py this patch comment the offended line out.
- LP: #1710979
- CVE-2017-14176
Date: 2017-10-19 17:43:30.704361+00:00
Changed-By: leo.barb...@canonical.com (Leonidas S. Barbosa)
Signed-By: Ubuntu Archive Robot <ubuntu-archive-ro...@lists.canonical.com>
https://launchpad.net/ubuntu/+source/bzr/2.5.1-0ubuntu2.1
Sorry, changesfile not available.
--
Precise-changes mailing list
Precise-changes@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/precise-changes