[ubuntu/oneiric-security] update-manager_0.152.25.5_armel_translations.tar.gz, update-manager, update-manager_0.152.25.5_i386_translations.tar.gz, update-manager_0.152.25.5_powerpc_translations.tar.gz, dist-upgrader_0.152.25.5_all.tar.gz, update-manager_0.152.25.5_amd64_translations.tar.gz 1:0.152.25.5 (Accepted)

Marc Deslauriers Mon, 28 Nov 2011 08:03:59 -0800

update-manager (1:0.152.25.5) oneiric-security; urgency=low

  * SECURITY UPDATE: arbitrary code execution via directory traversal
    (LP: #881548)
    - UpdateManager/Core/DistUpgradeFetcherCore.py: verify signature before
      unpacking the tarball.
    - CVE-2011-3152
  * SECURITY UPDATE: information leak via insecure temp file (LP: #881541)
    - DistUpgrade/DistUpgradeViewKDE.py: use mkstemp instead of mktemp.
    - CVE-2011-3154


Date: Wed, 23 Nov 2011 08:52:19 -0500
Changed-By: Marc Deslauriers <[email protected]>
Maintainer: Michael Vogt <[email protected]>
https://launchpad.net/ubuntu/oneiric/+source/update-manager/1:0.152.25.5

Format: 1.8
Date: Wed, 23 Nov 2011 08:52:19 -0500
Source: update-manager
Binary: update-manager-core update-manager update-manager-text 
update-manager-kde auto-upgrade-tester
Architecture: source
Version: 1:0.152.25.5
Distribution: oneiric-security
Urgency: low
Maintainer: Michael Vogt <[email protected]>
Changed-By: Marc Deslauriers <[email protected]>
Description: 
 auto-upgrade-tester - Test release upgrades in a virtual environment
 update-manager - GNOME application that manages apt updates
 update-manager-core - manage release upgrades
 update-manager-kde - Support modules for KPackageKit
 update-manager-text - Text application that manages apt updates
Launchpad-Bugs-Fixed: 881541 881548
Changes: 
 update-manager (1:0.152.25.5) oneiric-security; urgency=low
 .
   * SECURITY UPDATE: arbitrary code execution via directory traversal
     (LP: #881548)
     - UpdateManager/Core/DistUpgradeFetcherCore.py: verify signature before
       unpacking the tarball.
     - CVE-2011-3152
   * SECURITY UPDATE: information leak via insecure temp file (LP: #881541)
     - DistUpgrade/DistUpgradeViewKDE.py: use mkstemp instead of mktemp.
     - CVE-2011-3154
Checksums-Sha1: 
 a4e2846a5cbb5833ecbd66bf97c8267aa4a5f6f6 1765 update-manager_0.152.25.5.dsc
 9221d88732db056f9ac6bca7213b580cfd4fb5a0 3238939 
update-manager_0.152.25.5.tar.gz
Checksums-Sha256: 
 7f82f6917f81be46fa831260bf27955fd7767a3c83d2bdf1943f3b18267f8c7a 1765 
update-manager_0.152.25.5.dsc
 de523d4fa291fdfa549fcaafa4f0cc35f520b78cdeec8a33768e07766d461219 3238939 
update-manager_0.152.25.5.tar.gz
Files: 
 c761c641c2856621f7af2f0435e212c8 1765 gnome optional 
update-manager_0.152.25.5.dsc
 0ff82c8e9423494c67aecfa158ca5cee 3238939 gnome optional 
update-manager_0.152.25.5.tar.gz

-- 
Oneiric-changes mailing list
[email protected]
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/oneiric-changes

Reply via email to