The Dell Mini Project

Please update PulseAudio to fix security vulnerability

Bug #400804 reported by Nicola Ferralis on 2009-07-17

256

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	The Dell Mini Project	Fix Committed	Undecided	Unassigned

Bug Description

PulseAusio in generic hardy has been update to version 0.9.10-1ubuntu1.1 to fix a security vulnerability. Hardy-dell-mini is still in version 0.9.10-1ubuntu1netbook0belmont2.

Changelog:

  * SECURITY UPDATE: root escalation from BIND_NOW re-execution.
    - 0040-do-not-exec-for-bindnow.patch: use -Wl,-z,now instead of
      performing a racey re-exec.
    - CVE-2009-1894

CVE References

2009-1894

Nicola Ferralis (feranick) on 2009-07-17

security vulnerability:

no → yes

Brian Chidester (brianchidester) on 2009-07-27

Changed in dell-mini:
status:	New → Confirmed

Revision history for this message

Nicola Ferralis (feranick) wrote on 2009-09-11:

In proposed repository.

Changed in dell-mini:
status:	Confirmed → Fix Committed

Revision history for this message

Nicola Ferralis (feranick) wrote on 2009-10-04:

Still in proposed. Should be pushed in main ASAP.

Report a bug

This report contains Public Security information

Everyone can see this security related information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.