[ubuntu/oneiric-security] gypsy 0.8-0ubuntu3.1 (Accepted)

Wed, 15 Feb 2012 08:03:49 -0800 

gypsy (0.8-0ubuntu3.1) oneiric-security; urgency=low

  * SECURITY UPDATE: "arbitrary file access and buffer overflows"
    A new config file, /etc/gypsy.conf, is added that specifies a whitelist
    of globs.  By default, they are "/dev/tty*",  "/dev/pgps", and "bluetooth"
    (which matches Bluetooth addresses).
    Thanks to Michael Leibowitz <[email protected]>
    CVE-2011-0523
  * SECURITY UPDATE: Prevent buffer overflows in NMEA parsing by using
    snprintf() instead of sprintf.
    Thanks to Bastien Nocera <[email protected]>
    CVE-2011-0524 (LP: #690323)
  * Run autoreconf to include changes to configure.ac

Date: Sat, 11 Feb 2012 15:51:56 +0100
Changed-By: Andreas Moog <[email protected]>
Maintainer: Ubuntu Developers <[email protected]>
https://launchpad.net/ubuntu/oneiric/+source/gypsy/0.8-0ubuntu3.1

Format: 1.8
Date: Sat, 11 Feb 2012 15:51:56 +0100
Source: gypsy
Binary: gypsy-daemon libgypsy0 libgypsy-dev libgypsy-doc
Architecture: source
Version: 0.8-0ubuntu3.1
Distribution: oneiric-security
Urgency: low
Maintainer: Ubuntu Developers <[email protected]>
Changed-By: Andreas Moog <[email protected]>
Description: 
 gypsy-daemon - A GPS Multiplexing Daemon
 libgypsy-dev - A GPS Multiplexing Daemon (Development Package)
 libgypsy-doc - A GPS Multiplexing Daemon (HTML API Docs)
 libgypsy0  - A GPS Multiplexing Daemon (Library Package)
Launchpad-Bugs-Fixed: 690323
Changes: 
 gypsy (0.8-0ubuntu3.1) oneiric-security; urgency=low
 .
   * SECURITY UPDATE: "arbitrary file access and buffer overflows"
     A new config file, /etc/gypsy.conf, is added that specifies a whitelist
     of globs.  By default, they are "/dev/tty*",  "/dev/pgps", and "bluetooth"
     (which matches Bluetooth addresses).
     Thanks to Michael Leibowitz <[email protected]>
     CVE-2011-0523
   * SECURITY UPDATE: Prevent buffer overflows in NMEA parsing by using
     snprintf() instead of sprintf.
     Thanks to Bastien Nocera <[email protected]>
     CVE-2011-0524 (LP: #690323)
   * Run autoreconf to include changes to configure.ac
Checksums-Sha1: 
 3b49cc9bedee3b8dc2ae23a8ca6687272f26ad58 1843 gypsy_0.8-0ubuntu3.1.dsc
 1c695b8defade5d132aa0a3115770645175c52e5 151726 
gypsy_0.8-0ubuntu3.1.debian.tar.gz
Checksums-Sha256: 
 c805167221fef14c7863f69ddd577607746c9bf03abf5bb5eae63a0ace848127 1843 
gypsy_0.8-0ubuntu3.1.dsc
 4e25b5b6742c234ae2f86d1ed1ffa1bec153ac2f112c3a8d69bb0e672058de9b 151726 
gypsy_0.8-0ubuntu3.1.debian.tar.gz
Files: 
 8df0b0f20a9e3ac0e3a86cb0b8cd29e8 1843 utils optional gypsy_0.8-0ubuntu3.1.dsc
 651422db9a4345ee6a171edda7f493d1 151726 utils optional 
gypsy_0.8-0ubuntu3.1.debian.tar.gz
Original-Maintainer: Linaro User Platforms <[email protected]>

-- 
Oneiric-changes mailing list
[email protected]
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/oneiric-changes

Reply via email to