~ubuntu-branches/ubuntu/trusty/patch/trusty-security : files for revision 14

~ubuntu-branches/ubuntu/trusty/patch/trusty-security : (Revision 14)

Committer: Package Import Robot
Author(s): Tyler Hicks
Date: 2015-06-22 14:33:17 UTC
mfrom: (13.1.2 trusty-proposed)
Revision ID: package-import@ubuntu.com-20150622143317-pqfz8ughspedhv06

Tags: 2.7.1-4ubuntu2.3

* SECURITY UPDATE: Denial of service via crafted patch
  - debian/patches/CVE-2014-9637.patch: Detect and exit upon memory
    allocation failures
  - CVE-2014-9637
* SECURITY UPDATE: Directory traversal via crafted patch
  - debian/patches/CVE-2015-1196.patch: Don't allow symlink targets to point
    outside of the current directory
  - CVE-2015-1196
* SECURITY UPDATE: Directory traversal via crafted patch
  - debian/patches/CVE-2015-1395.patch: Check the validity of both filenames
    during a rename or copy
  - CVE-2015-1395
* SECURITY UPDATE: Directory traversal via crafted patch
  - debian/patches/CVE-2015-1396.patch: Don't allow symlink targets to point
    outside of the current directory. This patch corrects the incomplete fix
    for CVE-2015-1196.
  - CVE-2015-1396
* debian/control: Add automake1.11 as a build-depends since some of the
  patches adjust Makefile.am files

Filename	Latest Rev	Last Changed	Committer	Comment	Size
..
.pc	12	10 years ago	Package Import Robot	* Call 'ed' without a path. Closes: #714423. * Upd
build-aux	1.2.1	14 years ago	Bazaar Package Importer	Import upstream version 2.6.1.85-423d
debian	2	22 years ago	Bazaar Package Importer	* Fix patch -D. (closes: #140247) * Improve indent
lib	1.2.1	14 years ago	Bazaar Package Importer	Import upstream version 2.6.1.85-423d
m4	1	22 years ago	Bazaar Package Importer	Import upstream version 2.5.4
pc	1	22 years ago	Bazaar Package Importer	Import upstream version 2.5.4
src	1.1.2	14 years ago	Bazaar Package Importer	Import upstream version 2.6
tests	1.1.2	14 years ago	Bazaar Package Importer	Import upstream version 2.6
.tarball-version	1.2.3	11 years ago	Package Import Robot	Import upstream version 2.7.1	6 bytes
.version	1.2.3	11 years ago	Package Import Robot	Import upstream version 2.7.1	6 bytes
aclocal.m4	6.1.5	11 years ago	Package Import Robot	New upstream release.	59.7 KB
AUTHORS	1.1.2	14 years ago	Bazaar Package Importer	Import upstream version 2.6	335 bytes
bootstrap	1.2.3	11 years ago	Package Import Robot	Import upstream version 2.7.1	28.7 KB
cfg.mk	1.2.3	11 years ago	Package Import Robot	Import upstream version 2.7.1	1.2 KB
ChangeLog	6.1.5	11 years ago	Package Import Robot	New upstream release.	26.3 KB
ChangeLog-2011	1.2.3	11 years ago	Package Import Robot	Import upstream version 2.7.1	138 KB
config.hin	1.2.3	11 years ago	Package Import Robot	Import upstream version 2.7.1	50.3 KB
configure	12	10 years ago	Package Import Robot	* Call 'ed' without a path. Closes: #714423. * Upd	582 KB
configure.ac	6.1.5	11 years ago	Package Import Robot	New upstream release.	5.6 KB
COPYING	1.1.2	14 years ago	Bazaar Package Importer	Import upstream version 2.6	34.3 KB
GNUmakefile	1.2.3	11 years ago	Package Import Robot	Import upstream version 2.7.1	4.4 KB
INSTALL	1.2.3	11 years ago	Package Import Robot	Import upstream version 2.7.1	15.3 KB
maint.mk	1.2.3	11 years ago	Package Import Robot	Import upstream version 2.7.1	61.2 KB
Makefile.am	1.2.3	11 years ago	Package Import Robot	Import upstream version 2.7.1	1.8 KB
Makefile.in	6.1.5	11 years ago	Package Import Robot	New upstream release.	57.2 KB
NEWS	1.2.3	11 years ago	Package Import Robot	Import upstream version 2.7.1	14.6 KB
patch.man	13	10 years ago	Package Import Robot	* New maintainer (closes: #728664). * Add manual l	33.6 KB
README	1.2.3	11 years ago	Package Import Robot	Import upstream version 2.7.1	2.7 KB
TODO	1.2.3	11 years ago	Package Import Robot	Import upstream version 2.7.1	284 bytes