Viewing all changes in revision 145.
- Committer: Package Import Robot
- Date: 2011-11-23 09:58:49 UTC
- mfrom: (144.1.6 hardy-proposed)
- Revision ID: package-import@ubuntu.com-20111123095849-pchoop99rwjo9yo7
* SECURITY UPDATE: arbitrary code execution via directory traversal
(LP: #881548)
- UpdateManager/Core/DistUpgradeFetcherCore.py: verify signature before
unpacking the tarball.
- CVE-2011-3152
* SECURITY UPDATE: information leak via insecure temp file (LP: #881541)
- DistUpgrade/DistUpgradeViewKDE.py: use mkstemp instead of mktemp.
- CVE-2011-3154
(LP: #881548)
- UpdateManager/Core/DistUpgradeFetcherCore.py: verify signature before
unpacking the tarball.
- CVE-2011-3152
* SECURITY UPDATE: information leak via insecure temp file (LP: #881541)
- DistUpgrade/DistUpgradeViewKDE.py: use mkstemp instead of mktemp.
- CVE-2011-3154
- files modified:
- DistUpgrade/DistUpgrade.cfg
expand all
collapse all
added
removed
