Como lo hace normalmente una vez a la semana Canonical publica las actualizaciones de seguridad màs importantes para Ubuntu, aquellas que considera importantes y aquèllas que recomienda.
El detalle completo es el siguiente:
Versione 0.52.2-11.3ubuntu3.1:
* SECURITY UPDATE: denial of service and possible code execution via
reflowed text in text message box
- debian/patches/900_security_CVE-2009-2905.patch: calculate using
correct width in textbox.c.
- CVE-2009-2905
Newt is a windowing toolkit for text mode built from the slang library. It allows color text mode applications to easily use stackable windows, push buttons, check boxes, radio buttons, lists, entry fields, labels, and displayable text. Scrollbars are supported, and forms may be nested to provide extra functionality. This package contains the shared library for programs that have been built with newt.
Versione 2:3.3.2-1ubuntu3.2:
* SECURITY UPDATE: access control list modification when dos filemode is
enabled
- debian/patches/security-CVE-2009-1888.patch: fix group checking in
acl_group_override in source/smbd/posix_acls.c.
- CVE-2009-1888
* SECURITY UPDATE: whole filesystem share via user with no home directory
- debian/patches/security-CVE-2009-2813.patch: make sure home directory
is set in source/param/loadparm.c, source/smbd/service.c.
- CVE-2009-2813
* SECURITY UPDATE: credentials file disclosure and unauthorized usage via
setuid mount.cifs
- debian/patches/security-CVE-2009-2948.patch: don't open credentials
file if user doesn't have permission, and don't print password when
using verbose option in source/client/mount.cifs.c.
- CVE-2009-2948
* SECURITY UPDATE: denial of service via unexpected oplock break
notification reply
- debian/patches/security-CVE-2009-2906.patch: track messages already
processed in source/include/smb.h, source/smbd/process.c.
- CVE-2009-2906
This package provides a shared library that enables client applications to talk to Microsoft Windows and Samba servers using the SMB/CIFS protocol.
Versione 2:3.3.2-1ubuntu3.2:
* SECURITY UPDATE: access control list modification when dos filemode is
enabled
- debian/patches/security-CVE-2009-1888.patch: fix group checking in
acl_group_override in source/smbd/posix_acls.c.
- CVE-2009-1888
* SECURITY UPDATE: whole filesystem share via user with no home directory
- debian/patches/security-CVE-2009-2813.patch: make sure home directory
is set in source/param/loadparm.c, source/smbd/service.c.
- CVE-2009-2813
* SECURITY UPDATE: credentials file disclosure and unauthorized usage via
setuid mount.cifs
- debian/patches/security-CVE-2009-2948.patch: don't open credentials
file if user doesn't have permission, and don't print password when
using verbose option in source/client/mount.cifs.c.
- CVE-2009-2948
* SECURITY UPDATE: denial of service via unexpected oplock break
notification reply
- debian/patches/security-CVE-2009-2906.patch: track messages already
processed in source/include/smb.h, source/smbd/process.c.
- CVE-2009-2906
This package provides a library for client applications that interact via the winbind pipe protocol with a Samba winbind server.
Versione 0.52.2-11.3ubuntu3.1:
* SECURITY UPDATE: denial of service and possible code execution via
reflowed text in text message box
- debian/patches/900_security_CVE-2009-2905.patch: calculate using
correct width in textbox.c.
- CVE-2009-2905
This module allows you to built a text UI for your Python scripts using newt.
Versione 1:3.0.1-9ubuntu3.1:
* SECURITY UPDATE: fix integer underflow via crafted Word Document
- patches/dev300/sw.safe_tdelete_tinsert.diff: adjust sprmTDelete to
properly validate the number of columns
- CVE-2009-0200
* SECURITY UPDATE: fix buffer overflow via crafted Word Document
- patches/dev300/sw.safe_tdelete_tinsert.diff: adjust sprmTInsert to
properly validate the number of columns
- CVE-2009-0201
* patches/dev300/apply: create Security section and add
sw.safe_tdelete_tinsert.diff
The Python-UNO bridge allows use of the standard OpenOffice.org API with the Python scripting language. It additionally allows others to develop UNO components in Python, thus Python UNO components may be run within the OpenOffice.org process and can be called from C++ or the built in StarBasic scripting language.
0 comments:
No insertes enlaces clicables, de lo contrario se eliminará el comentario. Si quieres ser advertido via email de los nuevos comentarios marca la casilla "Notificarme". Si te ayudé con la publicación o con las respuestas a los comentarios, compártelo en Facebook, Twitter, Tumblr, Google +, Pinterest o Instagram. Gracias.