-
Committer:
Package Import Robot
-
Author(s):
Seth Arnold
-
Date:
2015-01-13 19:31:18 UTC
-
mfrom:
(10.1.1 lucid-proposed)
-
Revision ID:
package-import@ubuntu.com-20150113193118-hikdnszirqn1alfl
Tags: 7.4-2ubuntu3.1
* SECURITY UPDATE: infinite loop or crash in TZ environment variable
handling.
- debian/patches/CVE-2014-9471.dpatch: modify lib/getdate.y and
tests/misc/date to avoid crashing with malformed TZ
- CVE-2014-9471
* SECURITY UPDATE: local privilege escalation via /tmp file race in
dist-check.mk
- debian/patches/CVE-2009-4135.dpatch: modify dist-check.mk to no longer
use system /tmp directory for predictable names
- CVE-2009-4135