** Branch linked: lp:ubuntu/karmic/mondo
--
[CVE-2008-1633] unspecified vulnerability relating to use of /tmp
https://bugs.launchpad.net/bugs/216601
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
The 18 month support period for Gutsy Gibbon 7.10 has reached its end of life -
http://www.ubuntu.com/news/ubuntu-7.10-eol . As a result, we are closing the
Gutsy task.
** Changed in: mondo (Ubuntu Gutsy)
Status: Confirmed = Won't Fix
--
[CVE-2008-1633] unspecified vulnerability relating
Indeed! My upload is totally broken and must be restored. And I need to
figure out *why* I applied such a fix. Thanks for catching up.
--
[CVE-2008-1633] unspecified vulnerability relating to use of /tmp
https://bugs.launchpad.net/bugs/216601
You received this bug notification because you are a
I erroneously inverted commit numbers while at http://tinyurl.com/5fpvds
and reverted the fix, I'm very sorry for my silly error :( I reverted my
previous upload to fix it.
** Changed in: mondo (Ubuntu Hardy)
Importance: Undecided = Medium
Status: Confirmed = Fix Released
** Changed
This bug was fixed in the package mondo - 2.24-2ubuntu2
---
mondo (2.24-2ubuntu2) intrepid; urgency=low
* Revert my previous, broken upload and blame myself for reverting
an already fixed package, this re-includes fix for CVE-2008-1633 and
closes LP: #216601.
-- Luca
2.24-2ubuntu1 uploaded for Intrepid.
** Changed in: mondo (Ubuntu)
Importance: Undecided = Medium
Assignee: (unassigned) = Luca Falavigna (dktrkranz)
Status: Confirmed = Fix Committed
** Changed in: mondo (Ubuntu Feisty)
Status: Confirmed = Won't Fix
** Changed in: mondo
This bug was fixed in the package mondo - 2.24-2ubuntu1
---
mondo (2.24-2ubuntu1) intrepid; urgency=low
* SECURITY UPDATE: fix errors related to the usage of /tmp or
MINDI_CACHE instead of bkpinfo-tmpdir (LP: #216601).
* References:
- CVE-2008-1633
-
I've accepted this package into intrepid because there's no freeze
justification for not doing so, but this is *not* a security fix:
[...]
- if (length_of_file(MINDI_CACHE/changed.files) 2) {
+
+ if (length_of_file(/tmp/changed.files) 2) {
[...]
system(rm -f
It looks like the issue in CVE-2008-1633 had been addressed in the
previous upload (though not referenced) and that this upload is a
reversion of the referenced upstream checkin at
http://trac.mondorescue.org/changeset/1644/branches/2.2.5
--
[CVE-2008-1633] unspecified vulnerability relating to
** Changed in: mondo (Debian)
Status: New = Fix Released
--
[CVE-2008-1633] unspecified vulnerability relating to use of /tmp
https://bugs.launchpad.net/bugs/216601
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs
The 18 month support period for Edgy Eft 6.10 has reached it's end of
life. As a result, we are closing the Edgy Eft task. However, please
note that this report will remain open against the actively developed
release. Thank you for your continued support and help as we debug this
issue.
**
** Changed in: mondo (Debian)
Status: Unknown = New
--
[CVE-2008-1633] unspecified vulnerability relating to use of /tmp
https://bugs.launchpad.net/bugs/216601
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs
** Bug watch added: Debian Bug tracker #475221
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=475221
** Also affects: mondo (Debian) via
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=475221
Importance: Unknown
Status: Unknown
** Visibility changed to: Public
** Changed in:
13 matches
Mail list logo
