Ubuntu
wml package

Branches for Edgy

Name Status Last Modified Last Commit
lp:ubuntu/edgy/wml 1 Development 2009-08-04 20:51:49 UTC
3. * Prolog and epilog filters may use a...

Author: Denis Barbier
Revision Date: 2005-02-07 22:16:46 UTC

* Prolog and epilog filters may use a relative path defined by an
  autoadjusted $(foo) variable, so expanding these variables before
  calling filters is convenient. Closes: #292948
  Thanks Tobias Oetiker for reporting this issue and providing a patch.
* wmb wml wml_p1_ipp: Use mkdtemp() from the File::Temp module to create
  a temporary directory.
* debian/control: Slight changes in description, and addition of WML
  home page.
lp:ubuntu/edgy-security/wml 1 Development 2009-08-04 20:52:07 UTC
4. * SECURITY UPDATE: (LP: #191205) + ...

Author: Emanuele Gentili
Revision Date: 2008-03-10 17:49:38 UTC

* SECURITY UPDATE: (LP: #191205)

 + wml_backend/p1_ipp/ipp.src (CVE-2008-0665)
  - in Website META Language (WML) 2.0.11 allows local
    users to overwrite arbitrary files via a symlink attack on the ipp.$$.tmp
    temporary file.
 + wlm_backend/p3_eperl/eperl_sys.c wml_contrib/wmg.cgi (CVE-2008-0666)
  - Website META Language (WML) 2.0.11 allows local users to overwrite arbitrary
    files via a symlink attack on (1) the /tmp/pe.tmp.$$ temporary file used by
    wml_contrib/wmg.cgi and (2) temporary files used by
    wml_backend/p3_eperl/eperl_sys.c.

* References
 + http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2008-0665
 + http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2008-0666
 + http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=463907
lp:ubuntu/edgy-updates/wml bug 1 Development 2009-08-04 20:54:07 UTC
4. * SECURITY UPDATE: (LP: #191205) + ...

Author: Emanuele Gentili
Revision Date: 2008-03-10 17:49:38 UTC

* SECURITY UPDATE: (LP: #191205)

 + wml_backend/p1_ipp/ipp.src (CVE-2008-0665)
  - in Website META Language (WML) 2.0.11 allows local
    users to overwrite arbitrary files via a symlink attack on the ipp.$$.tmp
    temporary file.
 + wlm_backend/p3_eperl/eperl_sys.c wml_contrib/wmg.cgi (CVE-2008-0666)
  - Website META Language (WML) 2.0.11 allows local users to overwrite arbitrary
    files via a symlink attack on (1) the /tmp/pe.tmp.$$ temporary file used by
    wml_contrib/wmg.cgi and (2) temporary files used by
    wml_backend/p3_eperl/eperl_sys.c.

* References
 + http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2008-0665
 + http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2008-0666
 + http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=463907
13 of 3 results FirstPreviousNextLast