kdenetwork (4:4.4.5-0ubuntu1.1) lucid-security; urgency=low
* SECURITY UPDATE: file name directory traversal attack (LP: #757526)
- Add debian/patches/kubuntu_06_kget_metalinker.diff: check if the
filename is well formed, without traversal opportunities
- CVE-2011- (an incomple
kdepimlibs (4:4.4.5-0ubuntu1.1) lucid-security; urgency=low
* no change rebuild for kdenetwork security update
Date: Fri, 15 Apr 2011 09:21:38 -0500
Changed-By: Jamie Strandboge
Maintainer: Kubuntu Developers
https://launchpad.net/ubuntu/lucid/+source/kdepimlibs/4:4.4.5-0ubuntu1.1
Format: 1.8
postfix (2.7.0-1ubuntu0.1) lucid-security; urgency=low
* SECURITY UPDATE: man-in-the-middle via plaintext command injection
- src/smtp/smtp_proto.c, src/smtpd/smtpd.c: discard the contents of the
stream buffer so there is no pending plaintext.
- Origin: backported from postfix-2.7-