This bug was fixed in the package gypsy - 0.8-0ubuntu2.1
---------------
gypsy (0.8-0ubuntu2.1) natty-security; urgency=low
* SECURITY UPDATE: "arbitrary file access and buffer overflows"
A new config file, /etc/gypsy.conf, is added that specifies a whitelist
of globs. By default, they are "/dev/tty*", "/dev/pgps", and "bluetooth"
(which matches Bluetooth addresses).
Thanks to Michael Leibowitz <[email protected]>
CVE-2011-0523
* SECURITY UPDATE: Prevent buffer overflows in NMEA parsing by using
snprintf() instead of sprintf.
Thanks to Bastien Nocera <[email protected]>
CVE-2011-0524 (LP: #690323)
* Run autoreconf to include changes to configure.ac
-- Andreas Moog <[email protected]> Sat, 11 Feb 2012 15:59:26 +0100
** Changed in: gypsy (Ubuntu Maverick)
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/690323
Title:
gypsy opens arbitrary files, has unchecked buffer overflows
To manage notifications about this bug go to:
https://bugs.launchpad.net/gypsy/+bug/690323/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
