Ubuntu
dropbear package

Merge lp://staging/~jtaylor/ubuntu/oneiric/dropbear/CVE-2012-0920 into lp://staging/ubuntu/oneiric/dropbear

  1. Oneiric (11.10)
  2. CVE-2012-0920
  3. Merge into oneiric
Proposed by Julian Taylor
Status: Rejected
Rejected by: Martin Pitt
Proposed branch: lp://staging/~jtaylor/ubuntu/oneiric/dropbear/CVE-2012-0920
Merge into: lp://staging/ubuntu/oneiric/dropbear
Diff against target: 122 lines (+110/-0)
2 files modified
debian/changelog (+10/-0)
debian/diff/0003-Fix-use-after-free-bug-CVE-2012-0920.diff (+100/-0)
To merge this branch: bzr merge lp://staging/~jtaylor/ubuntu/oneiric/dropbear/CVE-2012-0920
Reviewer Review Type Date Requested Status
Jamie Strandboge Approve
Ubuntu branches Pending
Review via email: mp+103385@code.staging.launchpad.net

Description of the change

patch from upstream 2012.55 applies to oneiric, fuzz svr-chansession.c irrelevant

To post a comment you must log in.
Revision history for this message
Jamie Strandboge (jdstrand) wrote :

Oneiric should use a patch name of 0004-Fix-use-after-free-bug-CVE-2012-0920.diff since 0004 already exists. I fixed this.

review: Approve

Unmerged revisions

17. By Julian Taylor

* SECURITY UPDATE: remote execution via use after free (LP: #976360)
  - debian/diff/0003-Fix-use-after-free-bug-CVE-2012-0920.diff
    pulled from https://secure.ucc.asn.au/hg/dropbear/rev/818108bf7749
    Thanks to Matt Johnston
  - CVE-2012-0920

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
The diff is not available at this time. You can reload the page or download it.

Subscribers

People subscribed via source and target branches

to all changes: