Accepted:
OK: wml_2.0.11.orig.tar.gz
OK: wml_2.0.11-2ubuntu0.1.diff.gz
OK: wml_2.0.11-2ubuntu0.1.dsc
-> Component: universe Section: web
OK: wml_2.0.11-2ubuntu0.1_amd64.deb
OK: wml_2.0.11-2ubuntu0.1_hppa.deb
OK: wml_2.0.11-2ubuntu0.1_i386.deb
OK: wml_2.0.11-2ubuntu0.1_ia64.deb
OK: wml_2.0.11-2ubuntu0.1_lpia.deb
OK: wml_2.0.11-2ubuntu0.1_powerpc.deb
OK: wml_2.0.11-2ubuntu0.1_sparc.deb
OK: wml_2.0.11-2ubuntu0.1_amd64_translations.tar.gz
OK: wml_2.0.11-2ubuntu0.1_hppa_translations.tar.gz
OK: wml_2.0.11-2ubuntu0.1_i386_translations.tar.gz
OK: wml_2.0.11-2ubuntu0.1_ia64_translations.tar.gz
OK: wml_2.0.11-2ubuntu0.1_lpia_translations.tar.gz
OK: wml_2.0.11-2ubuntu0.1_powerpc_translations.tar.gz
OK: wml_2.0.11-2ubuntu0.1_sparc_translations.tar.gz
Format: 1.7
Date: Mon, 10 Mar 2008 16:58:14 +0100
Source: wml
Binary: wml
Architecture: amd64_translations amd64 hppa_translations hppa i386_translations
i386 ia64_translations ia64 lpia_translations lpia powerpc_translations powerpc
source sparc_translations sparc
Version: 2.0.11-2ubuntu0.1
Distribution: gutsy-security
Urgency: low
Maintainer: Ubuntu MOTU Developers <[EMAIL PROTECTED]>
Changed-By: Emanuele Gentili <[EMAIL PROTECTED]>
Description:
wml - off-line HTML generation toolkit
Changes:
wml (2.0.11-2ubuntu0.1) gutsy-security; urgency=low
.
* debian/control
- updated maintainer field
* SECURITY UPDATE: (LP: #191205)
+ wml_backend/p1_ipp/ipp.src (CVE-2008-0665)
- in Website META Language (WML) 2.0.11 allows local
users to overwrite arbitrary files via a symlink attack on the ipp.$$.tmp
temporary file.
+ wlm_backend/p3_eperl/eperl_sys.c wml_contrib/wmg.cgi (CVE-2008-0666)
- Website META Language (WML) 2.0.11 allows local users to overwrite
arbitrary
files via a symlink attack on (1) the /tmp/pe.tmp.$$ temporary file used
by
wml_contrib/wmg.cgi and (2) temporary files used by
wml_backend/p3_eperl/eperl_sys.c.
* References
+ http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2008-0665
+ http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2008-0666
+ http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=463907
Files:
0bf67af478b000481c932b79065bebdc 3256 raw-translations -
wml_2.0.11-2ubuntu0.1_amd64_translations.tar.gz
59d390ed1db78f3700a3c0a207cffff9 450188 web optional
wml_2.0.11-2ubuntu0.1_amd64.deb
e3733c52c50c8a40e9718ec7176d2778 3255 raw-translations -
wml_2.0.11-2ubuntu0.1_hppa_translations.tar.gz
9a13bc9316075944ddfdb314277b5c5d 452676 web optional
wml_2.0.11-2ubuntu0.1_hppa.deb
b383548e21cc28d75684253c279a99a9 3256 raw-translations -
wml_2.0.11-2ubuntu0.1_i386_translations.tar.gz
2cce4b2bacee21d51fd0f8666f113886 449134 web optional
wml_2.0.11-2ubuntu0.1_i386.deb
e7405508b6d180c7ef73c163b2ce3f70 3255 raw-translations -
wml_2.0.11-2ubuntu0.1_ia64_translations.tar.gz
7a549089638108f82accad639eb20a24 455704 web optional
wml_2.0.11-2ubuntu0.1_ia64.deb
9ae57d1ed2f5b901f3a0827757dab3d9 3255 raw-translations -
wml_2.0.11-2ubuntu0.1_lpia_translations.tar.gz
ae500abb0b54138a25f30a99f714a830 451020 web optional
wml_2.0.11-2ubuntu0.1_lpia.deb
3f9374d2c154e5a9121ffe590dda4439 3256 raw-translations -
wml_2.0.11-2ubuntu0.1_powerpc_translations.tar.gz
225d66035a64014bb09fa1a2e9b435f4 452100 web optional
wml_2.0.11-2ubuntu0.1_powerpc.deb
a427fd38d5f0d825f29c4af975701a94 742 web optional wml_2.0.11-2ubuntu0.1.dsc
92bb03341ec209fdd90655933fb5df1a 63918 web optional
wml_2.0.11-2ubuntu0.1.diff.gz
932e2e39c1bd2b6042c00de844eb3e2b 3256 raw-translations -
wml_2.0.11-2ubuntu0.1_sparc_translations.tar.gz
e0781acd56fa8aff7d1a21da34372da9 449448 web optional
wml_2.0.11-2ubuntu0.1_sparc.deb
Launchpad-Bugs-Fixed: 191205
Original-Maintainer: Luk Claes <[EMAIL PROTECTED]>
--
gutsy-changes mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/gutsy-changes
