-
texinfo (4.7-2.2ubuntu2.2) breezy-security; urgency=low
* SECURITY UPDATE: buffer overflow in texindex can lead to arbitrary
code execution.
* util/texindex.c: correctly bounds-check the buffer.
* References
CVE-2006-4810
-- Kees Cook <email address hidden> Fri, 3 Nov 2006 17:08:46 -0800
-
texinfo (4.7-2.2ubuntu2.1) breezy-security; urgency=low
* util/texindex.c: Replace patch with official upstream patch to fix abort
error on tempfile unlinking.
-- Martin Pitt <email address hidden> Mon, 9 Jan 2006 13:00:09 +0000
-
texinfo (4.7-2.2ubuntu2) breezy; urgency=low
* SECURITY UPDATE: Fix insecure temporary files.
* util/texindex.c: Create temporary files in a safe way with O_EXCL|O_CREAT
to prevent race conditions which allow symlink attacks.
* CAN-2005-3011
-- Martin Pitt <email address hidden> Thu, 6 Oct 2005 15:09:15 +0200