-
Committer:
Bazaar Package Importer
-
Author(s):
Kees Cook
-
Date:
2010-05-19 16:57:47 UTC
-
mfrom:
(22.1.1 karmic-proposed)
-
Revision ID:
james.westby@ubuntu.com-20100519165747-mn1zncy4403qr4r3
Tags: 2.10.1-0ubuntu17
* SECURITY UPDATE: integer overflow in strfmon() might lead to arbitrary
code execution.
- debian/patches/any/git-strfmon-overflow.diff: backport from upstream.
- CVE-2008-1391
* SECURITY UPDATE: newlines not escaped in /etc/mtab.
- debian/patches/any/git-mntent-newline-escape.diff: upstream fixes.
- CVE-2010-0296
* SECURITY UPDATE: arbitrary code execution from ELF headers (LP: #542197).
- debian/patches/any/git-fix-dtag-cast.diff: upstream fixes.
- CVE-2010-0830
* debian/patches/any/git-readdir-padding.diff: fix readdir padding when
processing getdents64() in a 32-bit execution environment (LP: #392501).