*** This bug is a security vulnerability ***
Public security bug reported:
Please sync mcrypt 2.6.8-1.1 (universe) from Debian unstable (main)
Changelog entries since current quantal version 2.6.8-1:
mcrypt (2.6.8-1.1) unstable; urgency=high
* Non-maintainer upload by the Security Team.
* CVE-2012-4409: buffer overflow when decrypting a file with a too
long salt.
* No id: format-string attacks via file name arguments and possibly
others.
-- Raphael Geissert <geiss...@debian.org> Thu, 06 Sep 2012 15:38:44
-0500
** Affects: mcrypt (Ubuntu)
Importance: Undecided
Status: New
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2012-4409
** This bug has been flagged as a security vulnerability
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1051391
Title:
Sync mcrypt 2.6.8-1.1 (universe) from Debian unstable (main)
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/mcrypt/+bug/1051391/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
