~ubuntu-branches/ubuntu/lucid/wpasupplicant/lucid-updates

« back to all changes in this revision

Viewing changes to debian/changelog

  • Committer: Package Import Robot
  • Author(s): Marc Deslauriers
  • Date: 2014-10-10 09:27:24 UTC
  • mfrom: (8.1.1 lucid-security)
  • Revision ID: package-import@ubuntu.com-20141010092724-cchjm0qok5spykcj
Tags: 0.6.9-3ubuntu3.2
* SECURITY UPDATE: arbitrary command execution via unsanitized string
  passed to action scripts by wpa_cli
  - debian/patches/CVE-2014-3686.patch: added os_exec() helper to
    src/utils/os.h, src/utils/os_unix.c, src/utils/os_win32.c,
    use instead of system() in wpa_supplicant/wpa_cli.c.
  - CVE-2014-3686

Show diffs side-by-side

added added

removed removed

Lines of Context:
 
1
wpasupplicant (0.6.9-3ubuntu3.2) lucid-security; urgency=medium
 
2
 
 
3
  * SECURITY UPDATE: arbitrary command execution via unsanitized string
 
4
    passed to action scripts by wpa_cli
 
5
    - debian/patches/CVE-2014-3686.patch: added os_exec() helper to
 
6
      src/utils/os.h, src/utils/os_unix.c, src/utils/os_win32.c,
 
7
      use instead of system() in wpa_supplicant/wpa_cli.c.
 
8
    - CVE-2014-3686
 
9
 
 
10
 -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Fri, 10 Oct 2014 09:27:24 -0400
 
11
 
1
12
wpasupplicant (0.6.9-3ubuntu3.1) lucid-proposed; urgency=low
2
13
 
3
14
  * debian/patches/git_dbus_smartcard_eapol_d719934.patch: cherry-pick a patch