ubuntu/+source/language-selector:applied/ubuntu/maverick-security

Last commit made on 2011-04-19
Get this branch:
git clone -b applied/ubuntu/maverick-security https://git.launchpad.net/ubuntu/+source/language-selector
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
applied/ubuntu/maverick-security
Repository:
lp:ubuntu/+source/language-selector

Recent commits

8094e5b... by Kees Cook on 2011-04-19

Import patches-applied version 0.6.8 to applied/ubuntu/maverick-security

Imported using git-ubuntu import.

Changelog parent: efaf6a0f02feb4f0d1497c01944fa18bbf9d432c
Unapplied parent: f04c11450f68861c4430c1c62093d84690c38bdb

New changelog entries:
  * debian/language-selector-common.postinst: allow missing backend.

f04c114... by Kees Cook on 2011-04-19

Import patches-unapplied version 0.6.8 to ubuntu/maverick-security

Imported using git-ubuntu import.

Changelog parent: 46a8d1c27a2c23aca97d709bf7fae6fefd36396c

New changelog entries:
  * debian/language-selector-common.postinst: allow missing backend.

efaf6a0... by Kees Cook on 2011-04-19

Import patches-applied version 0.6.7 to applied/ubuntu/maverick-security

Imported using git-ubuntu import.

Changelog parent: b82a5284f37e1b437da4ea9a7b03d832d3392abb
Unapplied parent: 46a8d1c27a2c23aca97d709bf7fae6fefd36396c

New changelog entries:
  [ Kees Cook ]
  * SECURITY UPDATE: language selector backend did not verify policy kit
    authentication.
    - debian/language-selector-common.postinst: shut down old backend.
    - CVE-2011-0729
  [ Martin Pitt ]
  * dbus_backend/ls-dbus-backend: Actually look at the PolicyKit check result
    and only proceed if it succeeded. Thanks to Romain Perier for finding this
    and providing the patch! This fixes a local root privilege escalation, as
    this allows any authenticated user to write arbitrary shell commands into
    /etc/default/locale. (LP: #764397)
  * dbus_backend/ls-dbus-backend: Reject locale names with invalid characters
    in it, to further prevent injecting shell code into /etc/default/locale
    for authenticated users. Thanks to Felix Geyer for the initial patch!
    (LP: #764397)
  * debian/control: Update Vcs-Bzr: for newly created maverick branch.

46a8d1c... by Kees Cook on 2011-04-19

Import patches-unapplied version 0.6.7 to ubuntu/maverick-security

Imported using git-ubuntu import.

Changelog parent: 22783afaf989af61a00051ee44e29d969294c97b

New changelog entries:
  [ Kees Cook ]
  * SECURITY UPDATE: language selector backend did not verify policy kit
    authentication.
    - debian/language-selector-common.postinst: shut down old backend.
    - CVE-2011-0729
  [ Martin Pitt ]
  * dbus_backend/ls-dbus-backend: Actually look at the PolicyKit check result
    and only proceed if it succeeded. Thanks to Romain Perier for finding this
    and providing the patch! This fixes a local root privilege escalation, as
    this allows any authenticated user to write arbitrary shell commands into
    /etc/default/locale. (LP: #764397)
  * dbus_backend/ls-dbus-backend: Reject locale names with invalid characters
    in it, to further prevent injecting shell code into /etc/default/locale
    for authenticated users. Thanks to Felix Geyer for the initial patch!
    (LP: #764397)
  * debian/control: Update Vcs-Bzr: for newly created maverick branch.

b82a528... by Martin Pitt on 2010-10-05

Import patches-applied version 0.6.6 to applied/ubuntu/maverick

Imported using git-ubuntu import.

Changelog parent: 7698caf115240f54c7aa172b144821776b2190b3
Unapplied parent: 22783afaf989af61a00051ee44e29d969294c97b

New changelog entries:
  * debian/rules: Disable pkgbinarymangler, to keep translations in the
    package. In Natty this blacklisting will happen in the pkgbinarymangler
    package (so that the programs other than pkgstriptranslations will still
    apply), but this is a less invasive shortcut for Maverick. (LP: #654548)
  * po/*: Update translations from Launchpad.

22783af... by Martin Pitt on 2010-10-05

Import patches-unapplied version 0.6.6 to ubuntu/maverick

Imported using git-ubuntu import.

Changelog parent: d80043229b1bec87c60be6ae603ccbcdaf1b8415

New changelog entries:
  * debian/rules: Disable pkgbinarymangler, to keep translations in the
    package. In Natty this blacklisting will happen in the pkgbinarymangler
    package (so that the programs other than pkgstriptranslations will still
    apply), but this is a less invasive shortcut for Maverick. (LP: #654548)
  * po/*: Update translations from Launchpad.

7698caf... by Colin Watson on 2010-09-24

Import patches-applied version 0.6.5 to applied/ubuntu/maverick

Imported using git-ubuntu import.

Changelog parent: 5b50696a7562708d8af43041033c004397ba49b6
Unapplied parent: d80043229b1bec87c60be6ae603ccbcdaf1b8415

New changelog entries:
  * Switch back to using os.rename in find_string_and_replace, as we require
    atomicity. Instead, always create the temporary file in the same
    directory as the original (thanks, Scott Kitterman; LP: #645774).
  * Use shutil.move rather than os.rename in find_string_and_replace
    (thanks, TualatriX; LP: #645774).

d800432... by Colin Watson on 2010-09-24

Import patches-unapplied version 0.6.5 to ubuntu/maverick

Imported using git-ubuntu import.

Changelog parent: fbb2e26bcdb1a3d4d159e60146837d0cd586c35a

New changelog entries:
  * Switch back to using os.rename in find_string_and_replace, as we require
    atomicity. Instead, always create the temporary file in the same
    directory as the original (thanks, Scott Kitterman; LP: #645774).
  * Use shutil.move rather than os.rename in find_string_and_replace
    (thanks, TualatriX; LP: #645774).

5b50696... by Michael Vogt on 2010-09-03

Import patches-applied version 0.6.3 to applied/ubuntu/maverick

Imported using git-ubuntu import.

Changelog parent: 3e49e95bb946d47ed4feaadc11952ded542ae208
Unapplied parent: fbb2e26bcdb1a3d4d159e60146837d0cd586c35a

New changelog entries:
  [ Martin Pitt ]
  * data/LanguageSelector.ui, LanguageSelector/gtk/GtkLanguageSelector.py: Add
    a Close button. (LP: #345113)

  [ Michael Vogt ]
  * fix aptdaemon install/update (LP: #612825)

fbb2e26... by Michael Vogt on 2010-09-03

Import patches-unapplied version 0.6.3 to ubuntu/maverick

Imported using git-ubuntu import.

Changelog parent: 133a8bb6a486b2857e277fd543660467b49c1459

New changelog entries:
  [ Martin Pitt ]
  * data/LanguageSelector.ui, LanguageSelector/gtk/GtkLanguageSelector.py: Add
    a Close button. (LP: #345113)

  [ Michael Vogt ]
  * fix aptdaemon install/update (LP: #612825)