~ubuntu-branches/ubuntu/lucid/wpasupplicant/lucid-security

Viewing all changes in revision 9.

  • Committer: Package Import Robot
  • Author(s): Marc Deslauriers
  • Date: 2014-10-10 09:27:24 UTC
  • mfrom: (8.1.1 lucid-proposed)
  • Revision ID: package-import@ubuntu.com-20141010092724-2zyylg9ugi72p71a
Tags: 0.6.9-3ubuntu3.2
* SECURITY UPDATE: arbitrary command execution via unsanitized string
  passed to action scripts by wpa_cli
  - debian/patches/CVE-2014-3686.patch: added os_exec() helper to
    src/utils/os.h, src/utils/os_unix.c, src/utils/os_win32.c,
    use instead of system() in wpa_supplicant/wpa_cli.c.
  - CVE-2014-3686

expand all expand all

Show diffs side-by-side

added added

removed removed

Lines of Context: