lp:ubuntu/hoary-security/heartbeat
- Get this branch:
- bzr branch lp:ubuntu/hoary-security/heartbeat
Branch merges
Branch information
Recent revisions
- 7. By Martin Pitt
-
* SECURITY UPDATE: Remote DoS.
* Add debian/patches/ 16-oob- read.patch: Fix buffer overread in
clplumbing/cl_netstring. c.
* Apply above patch inline (build system does not do that automatically).
* CVE-2006-3121 - 6. By Martin Pitt
-
* SECURITY UPDATE: Local DoS.
* Add debian/patches/ 01-shm_ permissions. patch:
- Fix permissions of created shared memory block to not be
world-read/writable.
- Patch taken from upstream:
http://cvs.linux- ha.org/ viewcvs/ viewcvs. cgi/linux- ha/heartbeat/ heartbeat. c?r1=1. 513&r2= 1.514
- CVE-2006-3815
* Apply above patch inline (build system does not do that automatically). - 5. By Martin Pitt
-
* SECURITY UPDATE: Fix insecure temporary files.
* cts/CM_hb.py.in, cts/CTStests.py.in:
- Move debugging files with static name from /tmp to /var/run to avoid
symlink attack.
- CAN-2005-2231 - 4. By Martin Pitt
-
debian/control: Removed raidtools2 build dependency, to help demotion of
raidtools2 to universe. - 3. By Simon Horman <email address hidden>
-
* The previous version never made it into testing because
the build failed on arm because the ssh package was broken
at the time. I have not had any luck contacting someone to
rebuild the package.
* Updated ldirectord to 1.77.2.4 (from 1.77.2.2).
Fixes a problem where real servers present in multiple
virtuals would only be added to one virtual service. - 2. By Martin Schulze <email address hidden>
-
* Non-maintainer upload by security team
* Fixed several buffer overflows found by Nathan Wallwork.
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp:ubuntu/lucid/heartbeat