Back to comix PTS page

Accepted comix 3.6.4-1.1 (source all)

To: debian-devel-changes@lists.debian.org
Subject: Accepted comix 3.6.4-1.1 (source all)
From: Nico Golde <nion@debian.org>
Date: Wed, 02 Apr 2008 23:17:04 +0000
Message-id: <E1JhCCW-0000Ht-HB@ries.debian.org>
Sender: Archive Administrator <dak@ftp-master.debian.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Thu, 03 Apr 2008 00:49:49 +0200
Source: comix
Binary: comix
Architecture: source all
Version: 3.6.4-1.1
Distribution: unstable
Urgency: high
Maintainer: Emfox Zhou <emfox@debian.org>
Changed-By: Nico Golde <nion@debian.org>
Description: 
 comix      - GTK Comic Book Viewer
Closes: 462836 462840
Changes: 
 comix (3.6.4-1.1) unstable; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Apply patch by Mamoru Tasaka to fix arbitrary code execution
     via crafted file names because of passing the filename directly
     to string concatenation used in os.popen (CVE-2008-1568; Closes: #462840).
   * Apply patch by Mamoru Tasaka to use empfile.mkdtemp() to enable comix
     for multi-user environments and thus prevent a race condition in /tmp
     without a real security impact (Closes: #462836).
Files: 
 11ee87c5ad9489dca3ac82bbae0cf04a 592 x11 optional comix_3.6.4-1.1.dsc
 b010db6b861426875a7340f21a6b4e5f 6609 x11 optional comix_3.6.4-1.1.diff.gz
 51f84955be80522baee2f1cc196e5fce 234988 x11 optional comix_3.6.4-1.1_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFH9A9LHYflSXNkfP8RAnz/AJ98wpCSszQluevknlL04PVap8ac+QCdEIvT
uXM17oGJWWnTAsB4KjC86oQ=
=82HO
-----END PGP SIGNATURE-----


Accepted:
comix_3.6.4-1.1.diff.gz
  to pool/main/c/comix/comix_3.6.4-1.1.diff.gz
comix_3.6.4-1.1.dsc
  to pool/main/c/comix/comix_3.6.4-1.1.dsc
comix_3.6.4-1.1_all.deb
  to pool/main/c/comix/comix_3.6.4-1.1_all.deb