-
openwsman (2.4.3-0ubuntu4.1) trusty-security; urgency=low
* SECURITY UPDATE: Add security fixes from upstream openwsman (LP: #1319089)
- debian/patches/ws-xml-make-default-prefix-buff-overflow-fix.patch:
ws_xml_make_default_prefix() can overflow buf parameter via sprintf()
- debian/patches/wsmc-create-request-fix-buff-overflow.patch:
wsmc_create_request() potential buf[20] overflow via WSMAN_ACTION_RENEW
- debian/patches/LocalSubscriptionOpUpdate-fix-fopen.patch:
address LocalSubscriptionOpUpdate() unchecked fopen()
- debian/patches/wsman-get-fault-status-sanity-guard-fix.patch:
Fix incorrect order of sanity guards in wsman_get_fault_status_from_doc()
- debian/patches/mem-allocation-wsman-init-plugins-fix.patch:
Fix unchecked memory allocation in wsman_init_plugins(), p->ifc
- debian/patches/mem-allocation-mem-double-newptr-fix.patch:
Fix unchecked memory allocation in mem_double(), newptr
- debian/patches/mem-allocation-dictionary-new-fix.patch:
Fix unchecked memory allocation in dictionary_new(), d, d->val, d->key,
d->hash
- debian/patches/mem-allocation-u-error-new-fix.patch:
Fix unchecked memory allocation in u_error_new(), *error
- debian/patches/remove-unsafe-debug-call-from-sighup-handler.patch:
sighup_handler() in wsmand.c use of unsafe functions in a signal handler
- debian/patches/SHA512-password-fixes.patch:
Support SHA512 password encoding, use safe_cmp to prevent brute-force
attacks
- debian/patches/increase-password-upper-limit.patch:
increase password upper limit to 128 characters (from 64)
-- Kent Baxley <email address hidden> Fri, 06 Jun 2014 12:55:02 -0500
-
openwsman (2.4.3-0ubuntu4) trusty; urgency=low
* debian/control: fix the breaks and replaces version numbers
for libopenwsman1.
-- Kent Baxley <email address hidden> Fri, 24 Jan 2014 08:45:40 -0600
-
openwsman (2.4.3-0ubuntu1) trusty; urgency=low
* Sync with upstream 2.4.3 (LP: #1268707)
* debian/control: bump standards version to 3.9.5
* debian/patches: removed cmake-findruby.patch. FTBFS no longer occurs due to
overhauled ruby cmake file upstream.
-- Kent Baxley <email address hidden> Mon, 13 Jan 2014 12:11:37 -0600
-
openwsman (2.3.6-0ubuntu1) raring; urgency=low
* Sync with upstream 2.3.6
* debian/control: Move to standards version 3.9.2
- debian/*.install: Use relative source paths
- debian/*.conffiles: Dropped
- debian/source/format: New: "3.0 (quilt)"
- debian/control: Add debhelper (>= 9.0.0) as build-dependency
- debian/rules: Use dh format
- debian/rules: Disable dh_auto_test. Testcases fail
- debian/rules: Override dh_auto_install to install the client config
* debian/control: Add build-dependency on cmake
* debian/control: Drop build-dependency on cdbs
* debian/control: Multi-Arch conversion for libopenwsman1 and
libwsman-clientpp1.
* debian/rules: Drop cdbs includes
* debian/rules: Drop extra build flags (not required anymore)
* debian/libopenwsman-dev.install: Don't install .a files (not built)
* debian/patches/cmake-findruby.patch: Fix FTBS caused by a certain
usage of braces.
* debian/patches/cmake-python-includes.patch: Need to use a different
variable which has architecture specific include path as well.
-- Stefan Bader <email address hidden> Wed, 06 Feb 2013 13:59:29 +0100
