-
Committer:
Bazaar Package Importer
-
Author(s):
Kees Cook
-
Date:
2010-05-19 16:59:18 UTC
-
mfrom:
(89.1.2 hardy-proposed)
-
Revision ID:
james.westby@ubuntu.com-20100519165918-f3j91fh2z0csqhtu
Tags: 2.7-10ubuntu6
* SECURITY UPDATE: integer overflow in strfmon() might lead to arbitrary
code execution.
- debian/patches/any/git-strfmon-overflow.diff: backport from upstream.
- CVE-2008-1391
* SECURITY UPDATE: newlines not escaped in /etc/mtab.
- debian/patches/any/git-mntent-newline-escape.diff: upstream fixes.
- CVE-2010-0296
* SECURITY UPDATE: arbitrary code execution from ELF headers (LP: #542197).
- debian/patches/any/git-fix-dtag-cast.diff: upstream fixes.
- CVE-2010-0830
* debian/patches/any/git-readdir-padding.diff: fix readdir padding when
processing getdents64() in a 32-bit execution environment (LP: #392501).