redhat-cluster 2.20080227-0ubuntu1.3 source package in Ubuntu
Changelog
redhat-cluster (2.20080227-0ubuntu1.3) hardy-security; urgency=low
* SECURITY UPDATE: insecure temporary file handling in multiple places.
- debian/patches/900_fence_vmware.dpatch: move logfile to protected
directory
- debian/patches/900_tempfix_daemons.dpatch: move logfile to protected
directory
- debian/patches/900_tempfix_fs.dpatch: move logfile to protected
directory (and update make/defines.mk.input)
- debian/patches/900_tempfix_gfs2_debugfs.dpatch: use mkdtemp() in misc.c
- debian/patches/900_tempfix_gfs2_savemeta.dpatch: use mkstemp() in
savemeta.c
- debian/patches/900_tempfix_libgfs2.dpatch: use mkdtemp() in misc.c and
clean out (now) unneeded functions
- debian/patches/900_tempfix_lvm_by_vg.dpatch: don't log debugging
information to temporary file
- debian/patches/900_tempfix_oracledb.dpatch: use mktemp and move logfile
to protected directory (fix in the source even though it is not
installed)
- debian/patches/900_tempfix_SAPDatabase.dpatch: use mktemp
- debian/patches/900_tempfix_smb.dpatch: use mktemp
- debian/patches/900_tempfix_svclib_nfslock.dpatch: use mktemp
- debian/patches/900_ccstool.dpatch: use mkostemp()
- Patches based on upstream changes
- CVE-2008-6552
* SECURITY UDPATE: insecure temporary file handling on /tmp/apclog
- debian/patches/900_fence_apc.dpatch: don't reference /tmp/apclog
in fence_apc man page, since it is not used. Update fence_apc.pl,
fence_apc.py and fence_apc_snmp.py to use @LOGDIR@/apclog. Updated
make/fenceperl.mk and make/fencepy.mk to substitute @LOGDIR@
- CVE-2008-4579
* SECURITY UPDATE: buffer overflow when adding entries to ccsais xml block
- debian/patches/901_cman_overflow.dpatch: define and check for
MAXXMLNODES in cman/daemon/config.c and cman/daemon/ais.c
- CVE-2008-6560
* debian/cman.dirs and rgmanager.dirs: install /var/log/cluster
-- Jamie Strandboge <email address hidden> Thu, 17 Dec 2009 12:58:52 -0600
Upload details
- Uploaded by:
- Jamie Strandboge
- Uploaded to:
- Hardy
- Original maintainer:
- Ubuntu Development Team
- Architectures:
- any
- Section:
- admin
- Urgency:
- Low Urgency
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| redhat-cluster_2.20080227.orig.tar.gz | 1.7 MiB | 4c0aaab8755d46fa2e1171666f97e07fb95fd24bf73095ea4d2f758eb6525ab6 |
| redhat-cluster_2.20080227-0ubuntu1.3.diff.gz | 52.5 KiB | 7ea959320f8d94a89df98b8dd93580c26105e3146637b7681eb3e34b91f78128 |
| redhat-cluster_2.20080227-0ubuntu1.3.dsc | 1.3 KiB | 8c499b5bf37c53aa56f1c2ea1abae6cc48b043287029fd253af631e7f5c994ca |
Available diffs
Binary packages built by this source
- cman: No summary available for cman in ubuntu hardy.
No description available for cman in ubuntu hardy.
- gfs-tools: No summary available for gfs-tools in ubuntu hardy.
No description available for gfs-tools in ubuntu hardy.
- gfs2-tools: No summary available for gfs2-tools in ubuntu hardy.
No description available for gfs2-tools in ubuntu hardy.
- gnbd-client: No summary available for gnbd-client in ubuntu hardy.
No description available for gnbd-client in ubuntu hardy.
- gnbd-server: No summary available for gnbd-server in ubuntu hardy.
No description available for gnbd-server in ubuntu hardy.
- libcman-dev: No summary available for libcman-dev in ubuntu hardy.
No description available for libcman-dev in ubuntu hardy.
- libcman2: No summary available for libcman2 in ubuntu hardy.
No description available for libcman2 in ubuntu hardy.
- libdlm-dev: No summary available for libdlm-dev in ubuntu hardy.
No description available for libdlm-dev in ubuntu hardy.
- libdlm2: No summary available for libdlm2 in ubuntu hardy.
No description available for libdlm2 in ubuntu hardy.
- redhat-cluster-source: No summary available for redhat-cluster-source in ubuntu hardy.
No description available for redhat-
cluster- source in ubuntu hardy.
- redhat-cluster-suite: No summary available for redhat-cluster-suite in ubuntu hardy.
No description available for redhat-
cluster- suite in ubuntu hardy.
- rgmanager: No summary available for rgmanager in ubuntu hardy.
No description available for rgmanager in ubuntu hardy.
