Viewing all changes in revision 38.
- Committer: Bazaar Package Importer
- Date: 2008-04-05 11:32:12 UTC
- Revision ID: james.westby@ubuntu.com-20080405113212-p7slzlzms8iityna
* SECURITY UPDATE: arbitrary code execution and authentication bypass.
(LP: #210124)
- debian/patches/CVE-2008-1289: Check that incoming RTP payloads are
within buffer limits. Patch from Debian.
- debian/patches/CVE-2008-1332: Ensure that allowguest has been enabled
before deciding that authentication isn't required. Patch from Debian.
- debian/patches/CVE-2008-1333: Interpret logging output as a character
string, not a format string. Patch from Debian.
- References:
+ CVE-2008-1289
+ CVE-2008-1332
+ CVE-2008-1333
+ AST-2008-002
+ AST-2008-003
+ AST-2008-004
* Modify Maintainer value to match the DebianMaintainerField
specification.
(LP: #210124)
- debian/patches/CVE-2008-1289: Check that incoming RTP payloads are
within buffer limits. Patch from Debian.
- debian/patches/CVE-2008-1332: Ensure that allowguest has been enabled
before deciding that authentication isn't required. Patch from Debian.
- debian/patches/CVE-2008-1333: Interpret logging output as a character
string, not a format string. Patch from Debian.
- References:
+ CVE-2008-1289
+ CVE-2008-1332
+ CVE-2008-1333
+ AST-2008-002
+ AST-2008-003
+ AST-2008-004
* Modify Maintainer value to match the DebianMaintainerField
specification.
- files added:
- debian/patches/CVE-2008-1289
- files modified:
- debian/changelog
expand all
collapse all
added
removed
