-
Committer:
Package Import Robot
-
Author(s):
Kees Cook
-
Date:
2011-01-10 20:51:08 UTC
-
Revision ID:
package-import@ubuntu.com-20110110205108-y6gzlqdfsnvdijuf
Tags: 2.10.1-0ubuntu19
* SECURITY UPDATE: setuid iconv users could load arbitrary libraries.
- debian/patches/any/dst-expansion-fix.diff: refresh with new
proposed solution, avoiding iconv issues.
- any/cvs-check-setuid-on-audit.diff: upstream fix for CVE-2010-3856,
which was already had a work-around in 2.10.1-0ubuntu18.