*** This bug is a security vulnerability ***
Public security bug reported:
Please sync condor 7.8.2~dfsg.1-1 (universe) from Debian unstable (main)
Changelog entries since current quantal version 7.8.1~dfsg.1-1:
condor (7.8.2~dfsg.1-1) unstable; urgency=high
* Upstream security release. Prevent an attacker who is manipulating
reverse-DNS entries and is able to connect to a Condor daemon to gain
access to a Condor pool that is using DNS/hostname host-based authentication
(only). CVE-2012-3416
-- Michael Hanke <m...@debian.org> Thu, 16 Aug 2012 08:32:49 +0200
condor (7.8.1~dfsg.1-2) unstable; urgency=low
* Remove dangling symlink /usr/sbin/condor -> ../bin/condor. This file no
longer exists (Closes: #678425).
* Add Debconf template translations:
- Czech -- courtesy of Martin Å Ãn <martin....@zshk.cz>
(Closes: #678952)
- Spanish -- courtesy of Fernando C. Estrada <fcestr...@fcestrada.com>
(Closes: #680201)
* Only issue 'condor_restart' command in postinst, when condor_master is
actually running. If that is not the case, for example when daemon
startup is prevented by system policy, package installation would fail
otherwise. Thanks to Andreas Beckmann for the report. (Closes: #681144)
-- Michael Hanke <m...@debian.org> Thu, 21 Jun 2012 18:40:11 +0200
** Affects: condor (Ubuntu)
Importance: Undecided
Status: New
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2012-3416
** This bug has been flagged as a security vulnerability
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1038730
Title:
Sync condor 7.8.2~dfsg.1-1 (universe) from Debian unstable (main)
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/condor/+bug/1038730/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
