radvd (1:1.8-1ubuntu0.1) oneiric-security; urgency=low
* SECURITY UPDATE: privilege escalation via buffer overflow in
ND_OPT_DNSSL_INFORMATION option parsing
- debian/patches/CVE-2011-3601.patch: don't overflow int in process.c.
- CVE-2011-3601
* SECURITY UPDATE: arbitrary file overwrite via interface name
- debian/patches/CVE-2011-3602.patch: check for path traversal in
device-linux.c.
- CVE-2011-3602
* SECURITY UPDATE: incorrect privilege dropping handling
- debian/patches/CVE-2011-3603.patch: fail on errors in
privsep-linux.c, radvd.c.
- CVE-2011-3603
* SECURITY UPDATE: denial or service via buffer overreads
- debian/patches/CVE-2011-3604.patch: properly check length in
process.c.
- CVE-2011-3604
* SECURITY UPDATE: temporary denial of service via delay
- debian/patches/CVE-2011-3605.patch: remove delay in process.c.
- CVE-2011-3605
Date: Wed, 12 Oct 2011 09:30:07 -0400
Changed-By: Marc Deslauriers <[email protected]>
Maintainer: Ubuntu Developers <[email protected]>
https://launchpad.net/ubuntu/oneiric/+source/radvd/1:1.8-1ubuntu0.1
Format: 1.8
Date: Wed, 12 Oct 2011 09:30:07 -0400
Source: radvd
Binary: radvd
Architecture: source
Version: 1:1.8-1ubuntu0.1
Distribution: oneiric-security
Urgency: low
Maintainer: Ubuntu Developers <[email protected]>
Changed-By: Marc Deslauriers <[email protected]>
Description:
radvd - Router Advertisement Daemon
Changes:
radvd (1:1.8-1ubuntu0.1) oneiric-security; urgency=low
.
* SECURITY UPDATE: privilege escalation via buffer overflow in
ND_OPT_DNSSL_INFORMATION option parsing
- debian/patches/CVE-2011-3601.patch: don't overflow int in process.c.
- CVE-2011-3601
* SECURITY UPDATE: arbitrary file overwrite via interface name
- debian/patches/CVE-2011-3602.patch: check for path traversal in
device-linux.c.
- CVE-2011-3602
* SECURITY UPDATE: incorrect privilege dropping handling
- debian/patches/CVE-2011-3603.patch: fail on errors in
privsep-linux.c, radvd.c.
- CVE-2011-3603
* SECURITY UPDATE: denial or service via buffer overreads
- debian/patches/CVE-2011-3604.patch: properly check length in
process.c.
- CVE-2011-3604
* SECURITY UPDATE: temporary denial of service via delay
- debian/patches/CVE-2011-3605.patch: remove delay in process.c.
- CVE-2011-3605
Checksums-Sha1:
96f0ee33e300437d6effb67fd1d7dacf5194ed45 1700 radvd_1.8-1ubuntu0.1.dsc
ca0578e03f69d3aafcae3658a7907e340818c97d 10344 radvd_1.8-1ubuntu0.1.diff.gz
Checksums-Sha256:
030655528689acc9746cacba129cc946a9092908b3433a77cc5e74b3f1dee9b0 1700
radvd_1.8-1ubuntu0.1.dsc
3655c439b29f11e64dbbfbb5fad3437cc3af2ca5ed7754d389934b9eb3bc60aa 10344
radvd_1.8-1ubuntu0.1.diff.gz
Files:
8d8a9aa8db07e764fed72cfc58705ced 1700 net optional radvd_1.8-1ubuntu0.1.dsc
5f81f1685d14b04efcee1cda0fab57ee 10344 net optional
radvd_1.8-1ubuntu0.1.diff.gz
Original-Maintainer: Ghe Rivero <[email protected]>
--
Oneiric-changes mailing list
[email protected]
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/oneiric-changes
