-
Committer:
Bazaar Package Importer
-
Author(s):
Kees Cook
-
Date:
2011-01-10 21:07:49 UTC
-
Revision ID:
james.westby@ubuntu.com-20110110210749-949fisr5z5d9k97c
Tags: 2.7-10ubuntu8
* SECURITY UPDATE: setuid iconv users could load arbitrary libraries.
- debian/patches/any/dst-expansion-fix.diff: refresh with new
proposed solution, avoiding iconv issues.
- any/cvs-check-setuid-on-audit.diff: upstream fix for CVE-2010-3856,
which was already had a work-around in 2.7-10ubuntu7.