This bug was fixed in the package dtach - 0.8-2ubuntu0.11.10.1
---
dtach (0.8-2ubuntu0.11.10.1) oneiric-security; urgency=low
* SECURITY-UPDATE: information disclosure on unclean disconnect
(LP: #1088355)
- attach.c(attach_main): Clean check of read operation. Based on upstr
This bug was fixed in the package dtach - 0.8-2ubuntu0.12.04.1
---
dtach (0.8-2ubuntu0.12.04.1) precise-security; urgency=low
* SECURITY-UPDATE: information disclosure on unclean disconnect
(LP: #1088355)
- attach.c(attach_main): Clean check of read operation. Based on upstr
This bug was fixed in the package dtach - 0.8-2ubuntu0.10.04.1
---
dtach (0.8-2ubuntu0.10.04.1) lucid-security; urgency=low
* SECURITY-UPDATE: information disclosure on unclean disconnect
(LP: #1088355)
- attach.c(attach_main): Clean check of read operation. Based on upstrea
Your debdiff looks good, thanks!
I'll use the same one for lucid, oneiric, and precise, since they are all based
on the same version.
I'll upload these today.
** Also affects: dtach (Ubuntu Lucid)
Importance: Undecided
Status: New
** Also affects: dtach (Ubuntu Oneiric)
Importance:
Second try for the precise debdiff. Let me know if everything is correct
now. Specially with the link to the upstream fix from my comment before.
Thanks.
** Patch added: "lp1088355-2-precise.debdiff"
https://bugs.launchpad.net/ubuntu/+source/dtach/+bug/1088355/+attachment/3462639/+files/lp108
Thanks for the infos. I will prepare another patch which should reflect
your input.
One question about your last comment. Did you mean add the link to the
upstream fix to the debian/changelog file or create a new debian/changes
file since there is no such file yet?
--
You received this bug notif
** Changed in: dtach (Ubuntu)
Status: New => Triaged
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1088355
Title:
Information disclosure Vulnerability
To manage notifications about this bug
Unsubscribing ubuntu-security-sponsors for now, please re-subscribe
ubuntu-security-sponsors when an updated debdiff is available.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1088355
Title:
Inform
Thanks for the debdiff, however, I have a few comments:
- Since the package doesn't have a patch system, you can't just add a patch to
the debian/patches directory. In this case, you must directly modify the
attach.c file.
- Lucid, Oneiric, and Precise all have the same version (0.8-2). The new
The attachment "lp1088355-precise.debdiff" of this bug report has been
identified as being a patch in the form of a debdiff. The ubuntu-
sponsors team has been subscribed to the bug report so that they can
review and hopefully sponsor the debdiff. In the event that this is in
fact not a patch you
Please check the attached precise patch. Since the package doesn't have a patch
system. So let me know if I have to change anything.
Tested: Upgrading, retested that bug is corrected (unclean disconnect)
** Patch added: "lp1088355-precise.debdiff"
https://bugs.launchpad.net/ubuntu/+source/dta
11 matches
Mail list logo
