[Bug 1668552] Re: KDE Project Security Advisory: ktnef: Directory Traversal
Since there is nothing left to sponsor, I am unsubscribing ubuntu- security-sponsors. Please re-subscribe the group when attaching another debdiff. Thanks! -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1668552 Title: KDE Project Security Advisory: ktnef: Directory Traversal To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/kdepim/+bug/1668552/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1668552] Re: KDE Project Security Advisory: ktnef: Directory Traversal
This bug was fixed in the package ktnef - 4:15.12.3-0ubuntu1.1 --- ktnef (4:15.12.3-0ubuntu1.1) xenial-security; urgency=medium * SECURITY UPDATE: Malicious writes during directory traversal. - debian/patches/directory-traversal.patch - Thanks to Eric Sesterhenn for reporting this issue, Albert Astals Cid for fixing this issue. - No CVE number. - fixes (LP: #1668552) -- vis...@vishnunaini.com (v.naini) Thu, 02 Mar 2017 20:58:12 +0530 ** Changed in: ktnef (Ubuntu Xenial) Status: Confirmed => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1668552 Title: KDE Project Security Advisory: ktnef: Directory Traversal To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/kdepim/+bug/1668552/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1668552] Re: KDE Project Security Advisory: ktnef: Directory Traversal
** Changed in: kdepim (Ubuntu Trusty) Status: New => Incomplete -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1668552 Title: KDE Project Security Advisory: ktnef: Directory Traversal To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/kdepim/+bug/1668552/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1668552] Re: KDE Project Security Advisory: ktnef: Directory Traversal
I cannot make debdiffs' for kdepim as I am not sure if the patch is compatible. Someone familiar with the code should patch it. ** Changed in: ktnef (Ubuntu Xenial) Status: New => Confirmed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1668552 Title: KDE Project Security Advisory: ktnef: Directory Traversal To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/kdepim/+bug/1668552/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1668552] Re: KDE Project Security Advisory: ktnef: Directory Traversal
debdiff for ktnef in xenial is attached. kdepim also needs to patched both in xenial and trusty. ** Attachment added: "ktnef-xenial-debdiff" https://bugs.launchpad.net/ubuntu/+source/ktnef/+bug/1668552/+attachment/4829858/+files/ktnef-xenial-debdiff -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1668552 Title: KDE Project Security Advisory: ktnef: Directory Traversal To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/kdepim/+bug/1668552/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1668552] Re: KDE Project Security Advisory: ktnef: Directory Traversal
This bug was fixed in the package ktnef - 4:16.04.3-0ubuntu1.1 --- ktnef (4:16.04.3-0ubuntu1.1) yakkety-security; urgency=medium * SECURITY UPDATE: Malicious writes during directory traversal. - debian/patches/directory-traversal.patch - Thanks to Eric Sesterhenn for reporting this issue, Albert Astals Cid for fixing this issue. - No CVE number. - fixes (LP: #1668552) -- vis...@vishnunaini.com (v.naini) Wed, 01 Mar 2017 13:53:49 +0530 ** Changed in: ktnef (Ubuntu Yakkety) Status: Confirmed => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1668552 Title: KDE Project Security Advisory: ktnef: Directory Traversal To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/kdepim/+bug/1668552/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1668552] Re: KDE Project Security Advisory: ktnef: Directory Traversal
** Changed in: ktnef (Ubuntu Xenial) Importance: Undecided => High ** Changed in: ktnef (Ubuntu Yakkety) Importance: Undecided => High -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1668552 Title: KDE Project Security Advisory: ktnef: Directory Traversal To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/kdepim/+bug/1668552/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1668552] Re: KDE Project Security Advisory: ktnef: Directory Traversal
Ktnef exists in xenial and should be affected the same. As for kdepim, I made a mistake when looking at the contents. The code is rather different, so if the old ktnef from kdepim is affected then this is relevant for trusty *and* xenial, not just trusty. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1668552 Title: KDE Project Security Advisory: ktnef: Directory Traversal To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/kdepim/+bug/1668552/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1668552] Re: KDE Project Security Advisory: ktnef: Directory Traversal
This bug was fixed in the package ktnef - 4:16.04.3-0ubuntu2 --- ktnef (4:16.04.3-0ubuntu2) zesty; urgency=medium * SECURITY UPDATE: Malicious writes during directory traversal. - debian/patches/directory-traversal.patch - Thanks to Eric Sesterhenn for reporting this issue, Albert Astals Cid for fixing this issue. - No CVE number. - fixes (LP: #1668552) -- vis...@vishnunaini.com (v.naini) Wed, 01 Mar 2017 13:53:49 +0530 ** Changed in: ktnef (Ubuntu) Status: Triaged => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1668552 Title: KDE Project Security Advisory: ktnef: Directory Traversal To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/kdepim/+bug/1668552/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1668552] Re: KDE Project Security Advisory: ktnef: Directory Traversal
ACK on the debdiff in comment #1, I've uploaded packages for building to yakkety and zesty with a slight changelog whitespace and pocket change. The yakkety package will be published as a security update as soon as it's built. Thanks! -- You received this bug notification because you are a member of Kubuntu Bugs, which is subscribed to kdepim in Ubuntu. https://bugs.launchpad.net/bugs/1668552 Title: KDE Project Security Advisory: ktnef: Directory Traversal To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/kdepim/+bug/1668552/+subscriptions -- kubuntu-bugs mailing list kubuntu-b...@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/kubuntu-bugs
[Bug 1668552] Re: KDE Project Security Advisory: ktnef: Directory Traversal
Xenial is in kdepim not ktnef. ** Changed in: ktnef (Ubuntu Xenial) Status: Confirmed => New -- You received this bug notification because you are a member of Kubuntu Bugs, which is subscribed to kdepim in Ubuntu. https://bugs.launchpad.net/bugs/1668552 Title: KDE Project Security Advisory: ktnef: Directory Traversal To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/kdepim/+bug/1668552/+subscriptions -- kubuntu-bugs mailing list kubuntu-b...@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/kubuntu-bugs
[Bug 1668552] Re: KDE Project Security Advisory: ktnef: Directory Traversal
debdiff for yakkety is included in the attachment. ** Attachment added: "yakkety-debdiff" https://bugs.launchpad.net/ubuntu/+source/ktnef/+bug/1668552/+attachment/4828791/+files/yakkety-debdiff ** Changed in: ktnef (Ubuntu Xenial) Status: New => Confirmed ** Changed in: ktnef (Ubuntu Yakkety) Status: New => Confirmed -- You received this bug notification because you are a member of Kubuntu Bugs, which is subscribed to kdepim in Ubuntu. https://bugs.launchpad.net/bugs/1668552 Title: KDE Project Security Advisory: ktnef: Directory Traversal To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/kdepim/+bug/1668552/+subscriptions -- kubuntu-bugs mailing list kubuntu-b...@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/kubuntu-bugs
[Bug 1668552] Re: KDE Project Security Advisory: ktnef: Directory Traversal
** Also affects: ktnef (Ubuntu Xenial) Importance: Undecided Status: New ** Also affects: ktnef (Ubuntu Yakkety) Importance: Undecided Status: New ** Also affects: kdepim (Ubuntu) Importance: Undecided Status: New ** Changed in: kdepim (Ubuntu) Status: New => Invalid ** No longer affects: kdepim (Ubuntu Xenial) ** No longer affects: kdepim (Ubuntu Yakkety) ** Also affects: kdepim (Ubuntu Trusty) Importance: Undecided Status: New ** Also affects: ktnef (Ubuntu Trusty) Importance: Undecided Status: New ** No longer affects: ktnef (Ubuntu Trusty) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1668552 Title: KDE Project Security Advisory: ktnef: Directory Traversal To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/kdepim/+bug/1668552/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
