comix 3.6.4-1.1 source package in Debian
Changelog
comix (3.6.4-1.1) unstable; urgency=high * Non-maintainer upload by the Security Team. * Apply patch by Mamoru Tasaka to fix arbitrary code execution via crafted file names because of passing the filename directly to string concatenation used in os.popen (CVE-2008-1568; Closes: #462840). * Apply patch by Mamoru Tasaka to use empfile.mkdtemp() to enable comix for multi-user environments and thus prevent a race condition in /tmp without a real security impact (Closes: #462836). -- Nico Golde <email address hidden> Thu, 03 Apr 2008 00:49:49 +0200
Upload details
- Uploaded by:
- Emfox Zhou
- Uploaded to:
- Lenny
- Original maintainer:
- Emfox Zhou
- Architectures:
- all
- Section:
- x11
- Urgency:
- Very Urgent
See full publishing history Publishing
Series | Published | Component | Section | |
---|---|---|---|---|
Lenny | release | main | x11 |
Builds
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
comix_3.6.4-1.1.dsc | 592 bytes | ceb69e3d74dc8849e325195427a1ec006da02fd4396786facefcc04813e6e9d2 |
comix_3.6.4.orig.tar.gz | 388.9 KiB | 25727929f15d626aed329298cde988ae4104e9e9797e1d948a272a61e0c735fb |
comix_3.6.4-1.1.diff.gz | 6.5 KiB | 0ed12f60bdb3a69bc1ae4c774f4132953dd943bc1155ec90ac88371e3b636433 |
No changes file available.