-
Committer:
Package Import Robot
-
Author(s):
Seth Arnold
-
Date:
2013-11-01 17:15:48 UTC
-
mfrom:
(20.1.2 quantal-proposed)
-
Revision ID:
package-import@ubuntu.com-20131101171548-2zswm101618z3kn6
Tags: 1.2+bzr1373+dfsg-0ubuntu1.1
* SECURITY UPDATE: failure to authenticate downloaded content (LP: #1039513)
  - debian/patches/CVE-2013-1058.patch: Authenticate downloaded files with
    GnuPG and MD5SUM files. Thanks to Julian Edwards.
  - CVE-2013-1058
* SECURITY UPDATE: configuration options may be loaded from current working
  directory (LP: #1158425)
  - debian/patches/CVE-2013-1057-1-2.patch: Do not load configuration
    options from the current working directory. Thanks to Julian Edwards.
  - CVE-2013-1057