lp:ubuntu/natty-security/update-manager
- Get this branch:
- bzr branch lp:ubuntu/natty-security/update-manager
Branch merges
Branch information
Recent revisions
- 333. By Marc Deslauriers
-
* SECURITY UPDATE: Incomplete fix for CVE-2012-0949 (LP: #1004503)
- DistUpgrade/DistUpgradeAppo rt.py: use a whitelist of files so we
don't upload system_state archives.
- tests/test_apport_ crash.py: add test.
- CVE-2012-0950 - 332. By Marc Deslauriers
-
* SECURITY UPDATE: Incorrect permissions on system_state archive may
expose repo passwords (LP: #954483)
- DistUpgrade/DistUpgradeMain .py: create file with proper permissions.
- debian/update- manager- core.postinst: clean up permissions on existing
files.
- CVE-2012-0948
* SECURITY UPDATE: Apport hook may upload system_state archive containing
repo passwords (LP: #954483)
- debian/source_ update- manager. py: don't upload system_state archives.
- CVE-2012-0949 - 331. By Marc Deslauriers
-
* REGRESSION FIX:
- DistUpgrade/DistUpgradeView KDE.py: fix regression caused by improper
return value handling. (LP: #933225) - 330. By Marc Deslauriers
-
* SECURITY UPDATE: arbitrary code execution via directory traversal
(LP: #881548)
- UpdateManager/Core/DistUpgrad eFetcherCore. py: verify signature before
unpacking the tarball.
- CVE-2011-3152
* SECURITY UPDATE: information leak via insecure temp file (LP: #881541)
- DistUpgrade/DistUpgradeView KDE.py: use mkstemp instead of mktemp.
- CVE-2011-3154 - 328. By Michael Vogt
-
* DistUpgrade/
DistUpgradeQuir ks.py, tests/test_ quirks. py:
- don't print a error for already patched files, this removes
a misleading error from the upgrade logs
- update tests - 327. By Michael Vogt
-
* AutoUpgradeTest
er/profile/ {euca-cloud, euca-nc, xubuntu} /DistUpgrade. cfg:
- updated for maverick->natty now that the auto-upgrade-test server
has more diskspace
* DistUpgrade/DistUpgradeCont roller. py, DistUpgrade/ DistUpgradeMain .py:
- make running-under-ssh check more robust by looking for sshd parent
* DistUpgrade/DistUpgradeView Text.py:
- make user confirm information() messages before continuing
(important for e.g. the "sshd has started" message)
* DistUpgrade/DistUpgradeQuir ks.py, DistUpgrade/ DistUpgradeCont roller. py:
- ensure that new recommends are installed on a desktop mode upgrade
even if that got disabled e.g. via synaptic (LP: #759262)
- add test for this feature - 326. By Michael Vogt
-
* DistUpgrade/
DistUpgradeCont roller. py, DistUpgrade/ DistUpgradeMain .py:
- fix ssh detection (LP: #744995) - 325. By Jonathan Riddell
-
* DistUpgrade/
DistUpgradeView KDE.py
- Allow to view differences in conf file changes LP: #746431 - 324. By Michael Vogt
-
* merged lp:~evfool/update-manager/fix665173 (LP: #665173),
many thanks to Robert Roth (update the test a bit)
* merged lp:~evfool/update-manager/fix150677 (LP: #150677),
many thanks to Robert Roth
* merged lp:~evfool/update-manager/fix727069 (LP: #727069),
many thanks to Robert Roth
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp:ubuntu/precise/update-manager