Viewing all changes in revision 41.
- Committer: Package Import Robot
- Date: 2011-12-07 16:35:22 UTC
- Revision ID: package-import@ubuntu.com-20111207163522-fkra31b1k0ynun6m
* SECURITY UPDATE: Arbitrary code execution in the power button handling
script (LP: #893821)
- debian/powerbtn.sh: Ensure that the DBUS_SESSION_BUS_ADDRESS environment
variable is only read from a process owned by the user that will be
evaluating the variable.
- CVE-2011-2777
* SECURITY UPDATE: Unprivileged users may be able to write to directories
and read files created by event handler scripts
- event.c: Set a restrictive umask of 0077 before running an event handler
script. Based on upstream patch.
- CVE-2011-4578
script (LP: #893821)
- debian/powerbtn.sh: Ensure that the DBUS_SESSION_BUS_ADDRESS environment
variable is only read from a process owned by the user that will be
evaluating the variable.
- CVE-2011-2777
* SECURITY UPDATE: Unprivileged users may be able to write to directories
and read files created by event handler scripts
- event.c: Set a restrictive umask of 0077 before running an event handler
script. Based on upstream patch.
- CVE-2011-4578
- files modified:
- debian/changelog
expand all
collapse all
added
removed
