This bug was fixed in the package audacity - 1.3.4-1.1ubuntu1
---------------
audacity (1.3.4-1.1ubuntu1) hardy; urgency=low
[ Mario Bonino ]
* Merge from Debian unstable (LP: #179861) remaining changes:
- debian/patches/desktop_file.patch:
- removed deprecated Encoding field
- removed deprecated Application value from Categories
- updated Name fields
- updated Icon field
- debian/control:
- updated Maintainer field
[ Emmet Hikory ]
* Updated merge debdiff to new Debian version for LP: #173153
audacity (1.3.4-1.1) unstable; urgency=high
* Non-maintainer upload by security team.
* Fix insecure directory creation in /tmp by moving the directory
to the users home directory (CVE-2007-6061; Closes: #453283).
* Adding NEWS file to advise the user to change the tmp path
in his config file so there is a notification for users who
are already vulnerable.
audacity (1.3.4-1) unstable; urgency=low
[ Joost Yervante Damad ]
* Survived the library transition (Closes: #426636)
* Disable portmixer as recommended (Closes: #454241)
* only enable jack on i386 and powerpc (See also #406754)
[ Free Ekanayaka ]
* New upstream release
* Force removal of lib-src/libportmixer.a when cleaning (Closes #442497)
* Fixed watch file (Closes: #449637)
* Dropped no more needed desktop, kfreebsd and see patches
-- Emmet Hikory <[EMAIL PROTECTED]> Tue, 22 Jan 2008 21:22:17 +0900
** Changed in: audacity (Ubuntu Hardy)
Status: Confirmed => Fix Released
--
[CVE-2007-6061] Denial of service and deletion of an arbitrary directory tree
via symlink attack
https://bugs.launchpad.net/bugs/173153
You received this bug notification because you are a member of Ubuntu
Bugs, which is the bug contact for Ubuntu.
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
