Change log for lha package in Ubuntu
| 1 → 6 of 6 results | First • Previous • Next • Last |
| Deleted in raring-release (Reason: (From Debian) RoQA; non-free, free replacements, NMU-main...) |
| Obsolete in quantal-release |
lha (1.14i-10.4) unstable; urgency=low
* Non-maintainer upload.
* Use alternatives for /usr/bin/lha, to play nice with others.
Thanks Ying-Chun Liu (PaulLiu). Closes: #402317.
-- Jon Dowland <email address hidden> Mon, 14 May 2012 13:54:01 +0100
Available diffs
| Superseded in quantal-release |
| Published in precise-release |
| Obsolete in oneiric-release |
| Obsolete in natty-release |
| Obsolete in maverick-release |
| Obsolete in lucid-release |
| Obsolete in karmic-release |
| Obsolete in jaunty-release |
| Obsolete in intrepid-release |
| Obsolete in hardy-release |
lha (1.14i-10.3) unstable; urgency=medium * Non-maintainer upload. * Fix subsequent open with O_EXCL after mkstemp (Closes: #446236) -- Cesare Tirabassi <email address hidden> Mon, 18 Feb 2008 20:31:28 +0000
lha (1.14i-10.2) unstable; urgency=high
* Non-maintainer upload by testing security team.
* Included patch.CVE-2007-2030.patch to fix insecure handling of
temporary files (CVE-2007-2030) (Closes: #437621).
-- Michael Bienia <email address hidden> Wed, 19 Sep 2007 09:49:42 +0100
lha (1.14i-10.1) unstable; urgency=high
* Security NMU for vulnerabilities inherited from GNU Gzip:
[CVE-2006-4335 CVE-2006-4337 CVE-2006-4338]
-- Ubuntu Archive Auto-Sync <email address hidden> Thu, 14 Dec 2006 12:18:40 +0000
| Superseded in feisty-release |
| Obsolete in edgy-release |
| Obsolete in dapper-release |
| Superseded in dapper-release |
| Obsolete in breezy-release |
| Obsolete in hoary-release |
lha (1.14i-10) unstable; urgency=high
* debian/patch.redhat-sec2: Add one more security patch to fix:
- CAN-2004-0771 (-w working directory option buffer overflow)
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0771
- CAN-2004-0769 (buffer overflow can be executed arbitrary code
via long pathnames in headers, another issue of bug fixed in -9)
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0769
- CAN-2004-0745 (execute arbitrary commands via a directory with
shell metacharacters in its name.)
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0745
- CAN-2004-0694 (reserved number)
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0694
taken from RedHat patch. (Closes: #279870)
* man/lha.n: Fix typo "flie" instead of "file". (Closes: #277545)
-- GOTO Masanori <email address hidden> Sat, 13 Nov 2004 15:31:22 +0900
lha (1.14i-9) unstable; urgency=high
* debian/patch.header-overflow: Add fix another lha buffer overflow
problem. It warns when hitting an archive which includes
long directory name with option l, v, x. See:
http://lw.ftw.zamosc.pl/lha-exploit.txt
http://www.securityfocus.com/archive/1/363418
http://bugs.gentoo.org/show_bug.cgi?id=51285
Thanks to Lukasz Wojtow <email address hidden> for pointing this problem.
-- GOTO Masanori <email address hidden> Wed, 16 Jun 2004 09:51:06 +0900
| 1 → 6 of 6 results | First • Previous • Next • Last |
