This bug was fixed in the package accountsservice - 0.6.21-6ubuntu1
---------------
accountsservice (0.6.21-6ubuntu1) quantal; urgency=low
* Reviewed work in progress for the new version, fixed some issues in
the GDbus port work.
* Resync on Debian, remaining diffs:
* debian/patches/0001-formats-locale-property.patch:
- readded bit of the patch that seems to not be in the debian version
* debian/patches/0002-create-and-manage-groups-like-on-a-ubuntu-system.patch:
- updated to gdbus
* debian/patches/0007-add-lightdm-support.patch:
- used Ubuntu version, they are slightly different
* debian/patches/0008-nopasswdlogin-group.patch:
- used Ubuntu version, they are slightly different
* debian/patches/0009-language-tools.patch:
- used Ubuntu version, they are slightly different
* debian/patches/0010-set-language.patch:
- used Ubuntu version, they are slightly different
* debian/patches/0011-add-background-file-support.patch:
- updated for the gdbus codebase
* debian/patches/0012-add-keyboard-layout-support.patch:
- updated for the gdbus codebase
* debian/patches/0013-add-has-message-support.patch:
- updated for the gdbus codebase
[ Robert Ancell ]
* New upstream release (lp: #1003764):
- include fix for users not listed on some architectures (lp: #952909)
* debian/control:
- Drop depends on libdbus-glib-1-dev
* debian/watch:
- Fix download file format
* debian/patches/git-icon-reset.patch:
- Applied upstream
* Updated patch for the new version, especially porting them to gdbus
accountsservice (0.6.21-6) unstable; urgency=high
* CVE-2012-2737: Add patch to prevent race condition with UID
lookup (Closes: #679429):
- src/u{ser,til}.c: Use bus daemon to query peer credentials.
accountsservice (0.6.21-5) unstable; urgency=medium
* Add patch grabbed from upstream git to fix memory leaks in
src/libaccountsservice/act-user.c. Set urgency to medium since the
package has already migrated to testing.
accountsservice (0.6.21-4) unstable; urgency=low
* Manage pending consolekit calls with GtkCancellable to fix SIGSEGV
in libaccountsservice. (Closes: #673185)
accountsservice (0.6.21-3) unstable; urgency=low
* Strip SystemdService out of org.freedesktop.Accounts.service
service file. (Closes: #675925)
accountsservice (0.6.21-2) unstable; urgency=low
* Disable systemd support:
- Let accountsservice build on non-Linux (Closes: #674433)
- Attempt to solve #673185
accountsservice (0.6.21-1) unstable; urgency=low
* New upstream release.
* Refresh patches.
* Add libaccountsservice-dbg package.
accountsservice (0.6.18-3) unstable; urgency=low
* Revert upstream commit 552a0c856a6e3a7c2e6450ab80e79f4204062281
and then fix a regression introduced since 0.6.16:
- Filter out users which have UIDs lower than UID_MIN specified
in etc/login.defs instead of checking if they have
/usr/sbin/nologin as login shell. (Closes: #673095)
Thanks to Michael Biebl for the report.
accountsservice (0.6.18-2) unstable; urgency=low
* Upload to unstable.
accountsservice (0.6.18-1) experimental; urgency=low
* Upload to experimental due to the big amount of changes.
* Imported Upstream version 0.6.18:
- Fix systemd configure check
- Add a few more common system accounts to the blacklist
- Fix some issues in systemd session handling
* Imported Upstream version 0.6.17:
- Fix user filtering which was broken in 0.6.16.
- Fix double free in user code.
* Imported Upstream version 0.6.16:
- Don't filter out users below UID_MIN in login.defs
- Filter out users with invalid shells
- build fixes for srcdir != builddir
- Port to GDBus
- Add systemd support
- vala support and introspection fixes
- ppc32 fixes
- use infinite timeout for ListCachedUsers calls
- Translation updates
* Migrate 0007-add-lightdm-support.patch to GDBus:
- More testing would be appreciated.
* Remove 2001-icon_reset.patch, applied upstream.
* Remove 3001-show_more_than_one_user_powerpc.patch, applied upstream.
* Remove obsolete patches:
- 0003-getpwnam_null_crash.patch
- 0004-history-filter-sessions.patch
* Refresh systemd's build-deps.
* Drop {,build-}dependency on libdbus-glib-1-dev.
* Refresh symbols.
* Refresh debian/copyright.
* Update debian/watch.
* Bump Standards.
accountsservice (0.6.15-4) unstable; urgency=low
* src/user.c: Be more careful when resetting the users icons
- When the current icon is in /usr/share, and we reset the icon, we try
to delete a nonexisting icon file in /var/lib/AccountsService/icons.
Deal with this eventuality.
* fix compute_object_path on powerpc (Closes: #635168)
- long isn't necessarily 64bit. On big endian architectures, where it's
smaller than 64bit, the compute_object_path function will get computed
incorrectly; thanks to Ray Strode and Michel Dänzer.
* Apply 2001-icon_reset.patch,3001-show_more_than_one_user_powerpc.patch on
Ubuntu too.
* Integrate Ubuntu patches and apply them in debian/patches/ubuntu.series
(for Ubuntu only):
- 0001-formats-locale-property.patch
- 0002-create-and-manage-groups-like-on-a-ubuntu-system.patch
- 0005-gdm_config_file_path_ubuntu.patch
- 0008-nopasswdlogin-group.patch
- 0009-language-tools.patch
- 0010-set-language.patch
- 0011-add-background-file-support.patch
- 0012-add-keyboard-layout-support.patch
- 0013-add-has-message-support.patch
accountsservice (0.6.15-3) unstable; urgency=low
* Move GIR package into the new section "introspection".
* debian/patches/0011-add-background-file-support.patch
- Add support for a BackgroundFile property, similar to IconFile.
Apply on Ubuntu only. (LP: #844081)
* Fix file permissions bypass (LP: #904395), applies on Ubuntu only:
- debian/patches/0010-set-language.patch:
Drop privileges before letting help scripts in
/usr/share/language-tools write to $HOME.
- debian/patches/0009-language-tools.patch:
Drop chown() call in /usr/share/language-tools/save-to-profile.
CVE-2011-4406
* Refresh patches.
-- Sebastien Bacher <seb...@ubuntu.com> Thu, 19 Jul 2012 19:00:43 +0200
** Changed in: accountsservice (Ubuntu)
Status: In Progress => Fix Released
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2011-4406
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2012-2737
--
You received this bug notification because you are a member of Ubuntu
Desktop Bugs, which is subscribed to accountsservice in Ubuntu.
https://bugs.launchpad.net/bugs/1003764
Title:
Update to 0.6.21
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/accountsservice/+bug/1003764/+subscriptions
--
desktop-bugs mailing list
desktop-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
