-
Committer:
Package Import Robot
-
Author(s):
Marc Deslauriers
-
Date:
2011-10-12 09:46:52 UTC
-
Revision ID:
package-import@ubuntu.com-20111012094652-zg82o4iy7cfpdsi6
Tags: 1:1.7-1ubuntu0.1
* SECURITY UPDATE: privilege escalation via buffer overflow in
ND_OPT_DNSSL_INFORMATION option parsing
- debian/patches/CVE-2011-3601.patch: don't overflow int in process.c.
- CVE-2011-3601
* SECURITY UPDATE: arbitrary file overwrite via interface name
- debian/patches/CVE-2011-3602.patch: check for path traversal in
device-linux.c.
- CVE-2011-3602
* SECURITY UPDATE: incorrect privilege dropping handling
- debian/patches/CVE-2011-3603.patch: fail on errors in
privsep-linux.c, radvd.c.
- CVE-2011-3603
* SECURITY UPDATE: denial or service via buffer overreads
- debian/patches/CVE-2011-3604.patch: properly check length in
process.c.
- CVE-2011-3604
* SECURITY UPDATE: temporary denial of service via delay
- debian/patches/CVE-2011-3605.patch: remove delay in process.c.
- CVE-2011-3605