Viewing all changes in revision 40.
- Committer: Package Import Robot
- Date: 2013-01-17 11:57:17 UTC
- Revision ID: package-import@ubuntu.com-20130117115717-xst1r2cmacuvdj9i
* SECURITY UPDATE: denial of service and possible code execution via
crafted headers
- debian/patches/CVE-2011-3378.patch: properly validate values in
lib/header.c.
- CVE-2011-3378
* SECURITY UPDATE: denial of service and possible code execution via
invalid region tag
- debian/patches/CVE-2012-0060.patch: validate region tags in
lib/header.c, lib/package.c, lib/signature.c.
- CVE-2012-0060
* SECURITY UPDATE: denial of service and possible code execution via
large region size
- debian/patches/CVE-2012-0061.patch: check length in lib/header.c.
- CVE-2012-0061
* SECURITY UPDATE: denial of service and possible code execution via
negative value in region offset
- debian/patches/CVE-2012-0815.patch: properly handle negative values
in lib/header.c, lib/package.c, lib/signature.c.
- CVE-2012-0815
crafted headers
- debian/patches/CVE-2011-3378.patch: properly validate values in
lib/header.c.
- CVE-2011-3378
* SECURITY UPDATE: denial of service and possible code execution via
invalid region tag
- debian/patches/CVE-2012-0060.patch: validate region tags in
lib/header.c, lib/package.c, lib/signature.c.
- CVE-2012-0060
* SECURITY UPDATE: denial of service and possible code execution via
large region size
- debian/patches/CVE-2012-0061.patch: check length in lib/header.c.
- CVE-2012-0061
* SECURITY UPDATE: denial of service and possible code execution via
negative value in region offset
- debian/patches/CVE-2012-0815.patch: properly handle negative values
in lib/header.c, lib/package.c, lib/signature.c.
- CVE-2012-0815
- files added:
- .pc/.quilt_patches
- .pc/CVE-2011-3378.patch
- .pc/CVE-2011-3378.patch/lib
- .pc/CVE-2012-0060.patch
- .pc/CVE-2012-0060.patch/lib
- .pc/CVE-2012-0061.patch
- .pc/CVE-2012-0061.patch/lib
- .pc/CVE-2012-0815.patch
- .pc/CVE-2012-0815.patch/lib
- files modified:
- .pc/applied-patches
expand all
collapse all
added
removed
