sync request ACK'd ** Summary changed:
- Please sync changetrack 4.5-2 (universe) from Debian unstable (main). + Please sync changetrack 4.5-3 (universe) from Debian unstable (main). ** Description changed: - -----BEGIN PGP SIGNED MESSAGE----- - Hash: SHA1 - - affects ubuntu/changetrack - status new - importance wishlist - subscribe ubuntu-universe-sponsors - - Please sync changetrack 4.5-2 (universe) from Debian unstable (main). + Please sync changetrack 4.5-3 (universe) from Debian unstable (main). Please sync the package from debian as it fixes a potential CVE bug. Changelog since current karmic version 4.5-1: + + changetrack (4.5-3) unstable; urgency=medium + + * [reject-weird-filenames.diff] Also reject filenames with exclamation + marks, avoid spaces in auxiliary files, and quote filenames whereever + possible. Urgency due to security implications. + + -- Jens Peter Secher <[email protected]> Sun, 20 Sep 2009 15:01:44 +0200 changetrack (4.5-2) unstable; urgency=low * [reject-weird-filenames.diff] Fix possible local exploit by rejecting filenames with unsafe characters (cf. CVE-2009-3233). Thanks to Marek Grzybowski and Andrzej Lemieszek. (Closes: #546791) -- Jens Peter Secher <[email protected]> Thu, 17 Sep 2009 22:32:43 +0200 - - - -----BEGIN PGP SIGNATURE----- - Version: GnuPG v1.4.6 (GNU/Linux) - - iD8DBQFKtOPLL+KnYRaooWIRAqZ2AJ43IgtvJSdNCYJ9q8S1+WaDZSwDAACeOvDm - 783aMwBIxn9SZ+2LyIGfwZg= - =FizW - -----END PGP SIGNATURE----- ** Tags added: sync ** Changed in: changetrack (Ubuntu) Status: New => Confirmed -- Please sync changetrack 4.5-3 (universe) from Debian unstable (main). https://bugs.launchpad.net/bugs/433065 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
