-
Committer:
Package Import Robot
-
Author(s):
Marc Deslauriers
-
Date:
2013-01-17 12:07:16 UTC
-
Revision ID:
package-import@ubuntu.com-20130117120716-1ulbw1kg09fupj8h
Tags: 4.9.0-7ubuntu0.1
* SECURITY UPDATE: denial of service and possible code execution via
crafted headers
- debian/patches/CVE-2011-3378.patch: properly validate values in
lib/header.c.
- CVE-2011-3378
* SECURITY UPDATE: denial of service and possible code execution via
invalid region tag
- debian/patches/CVE-2012-0060.patch: validate region tags in
lib/header.c, lib/package.c, lib/signature.c.
- CVE-2012-0060
* SECURITY UPDATE: denial of service and possible code execution via
large region size
- debian/patches/CVE-2012-0061.patch: check length in lib/header.c.
- CVE-2012-0061
* SECURITY UPDATE: denial of service and possible code execution via
negative value in region offset
- debian/patches/CVE-2012-0815.patch: properly handle negative values
in lib/header.c, lib/package.c, lib/signature.c.
- CVE-2012-0815