[Technik] [SECURITY] [DSA 1170-1] New fastjar packages fix
directory traversal
Noèl Köthe
noel at debian.org
Wed Sep 6 23:01:16 CEST 2006
Am Mittwoch, den 06.09.2006, 19:31 +0200 schrieb Martin Schulze:
> Debian Security Advisory DSA 1170-1 security at debian.org
> http://www.debian.org/security/ Martin Schulze
> September 6th, 2006 http://www.debian.org/security/faq
>
> Package : gcc-3.4
> Vulnerability : missing sanity check
> Problem type : local (remote)
> Debian-specific: no
> CVE ID : CVE-2006-3619
> BugTraq ID : 15669
> Debian Bug : 368397
gcc-3.4 auf pima, pomo, yuma, cusa, h01, h02, h03, cupa, wasco, crow,
cree, kiowa, karuk und kansa aktualisiert.
> For the stable distribution (sarge) this problem has been fixed in
> version 3.4.3-13sarge1.
changelog:
cc-3.4 (3.4.3-13sarge1) stable-security; urgency=high
* Non-maintainer upload by the Security Team
* Applied patch by Richard Guenther to prevent directory traversal
[fastjar/jartool.c, debian/patches/CVE-2006-3619.dpatch,
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=28359]
-- Martin Schulze <joey at infodrom.org> Fri, 4 Aug 2006 14:50:09 +0200
--
Noèl Köthe <noel debian.org>
Debian GNU/Linux, www.debian.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Dies ist ein digital signierter Nachrichtenteil
Url : /archiv/technik/attachments/20060906/f72c34ae/attachment.pgp
More information about the Technik
mailing list