This bug was fixed in the package gui-ufw - 15.10.0-0ubuntu1
---------------
gui-ufw (15.10.0-0ubuntu1) wily; urgency=medium
* New upstream release. Upstream changelog:
+ 15.10.0
- Added miniDLNA profile
- Updated languages
+ 15.04.4
- Fix: Migrate commands to subprocess > Fixing shell injection (LP:
#1412554)
- Fix: Allow import profile with English language (LP: #1416631)
- Removed executable flag in config files (mask 600, not 700)
- Updated translations
+ 15.04.3
- Properly fix: Shell Command Injection (LP: #1410839)
+ 15.04.2
- Fix: Shell Injection in the IP & Ports values.
+ 15.04.1
- Fix: Shell Command Injection (LP: #1410839)
- Fix: Not allow one interface over the same interface (LP: #1402220)
- Fix: Not allow Both Protocol with a range of ports (LP: #1402232)
- Updated languages
* debin/control: bump Standard-Version to 3.9.6.
-- Devid Antonio Filoni <[email protected]> Thu, 04 Jun 2015
21:01:39 +0200
** Changed in: gui-ufw (Ubuntu)
Status: Confirmed => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1410839
Title:
Shell Command injection in ufw_backend.py
To manage notifications about this bug go to:
https://bugs.launchpad.net/gui-ufw/+bug/1410839/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
