Ubuntu
smokeping package

CVE-2015-0859 arbitrary code execution

Bug #1525927 reported by Matt Johnston
256
This bug affects 1 person
Affects Status Importance Assigned to Milestone
smokeping (Ubuntu)
Incomplete
Medium
Matt Johnston

Bug Description

It looks like the Ubuntu package needs the fix from https://www.debian.org/security/2015/dsa-3405

CVE References

Matt Johnston (matt-ucc)
information type: Private Security → Public Security
information type: Public Security → Public
Revision history for this message
Matt Johnston (matt-ucc) wrote :
Revision history for this message
Ubuntu Foundations Team Bug Bot (crichton) wrote :

The attachment "smokeping_2.6.8-2+deb7u1.debdiff" seems to be a debdiff. The ubuntu-sponsors team has been subscribed to the bug report so that they can review and hopefully sponsor the debdiff. If the attachment isn't a patch, please remove the "patch" flag from the attachment, remove the "patch" tag, and if you are member of the ~ubuntu-sponsors, unsubscribe the team.

[This is an automated message performed by a Launchpad user owned by ~brian-murray, for any issue please contact him.]

tags: added: patch
Seth Arnold (seth-arnold)
information type: Public → Public Security
Mathew Hodson (mhodson)
Changed in smokeping (Ubuntu):
importance: Undecided → Medium
Revision history for this message
Tyler Hicks (tyhicks) wrote :

Hi Matt - Thanks for the bug report. Unfortunately, the debdiff is simply the Debian debdiff and not a proper debdiff for the smokeping packages in the various Ubuntu stable releases. This means that the debdiff doesn't apply and, because of that, it means that there's been no testing of this debdiff applied against the Ubuntu smokeping packages.

Please see this wiki page for information on preparing a set of debdiffs for Ubuntu:

  https://wiki.ubuntu.com/SecurityTeam/UpdatePreparation#Packaging

Once that is done, please perform testing and then resubscribe ubuntu-security-sponsors to this bug and set the status to 'NEW'. Also, please mention the testing that you performed.

Thank you!

Changed in smokeping (Ubuntu):
assignee: nobody → Matt Johnston (matt-ucc)
status: New → Incomplete
tags: added: patch-needswork
To post a comment you must log in.
This report contains Public Security information  
Everyone can see this security related information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.