diff -u tomboy-0.4.1/debian/changelog tomboy-0.4.1/debian/changelog --- tomboy-0.4.1/debian/changelog +++ tomboy-0.4.1/debian/changelog @@ -1,3 +1,21 @@ +tomboy (0.4.1-0ubuntu3.1) edgy-security; urgency=low + + * SECURITY UPDATE: Multiple untrusted search path vulnerabilities in SUSE + Linux 9.3 and 10.0, and possibly other distributions, cause the working + directory to be added to LD_LIBRARY_PATH, which might allow local users to + execute arbitrary code via (1) beagle, (2) tomboy, or (3) blam. NOTE: in + August 2007, the tomboy vector was reported for other distributions. + * Added debian/patches/CVE-2005-4790.patch: + Fixed all LD_LIBRARY_PATHS with a fix from Gentoo. Need to change /bin/sh + to /bin/bash as well. + (See: http://bugs.gentoo.org/attachment.cgi?id=133582) + * References: + CVE-2005-4790 + http://bugs.gentoo.org/show_bug.cgi?id=189249 + https://bugzilla.redhat.com/show_bug.cgi?id=252294 + + -- Stephan Hermann Tue, 13 Nov 2007 23:57:47 +0100 + tomboy (0.4.1-0ubuntu3) edgy; urgency=low * debian/patches/03_applet-crash.patch: only in patch2: unchanged: --- tomboy-0.4.1.orig/debian/patches/04_CVE-2007-5395.patch +++ tomboy-0.4.1/debian/patches/04_CVE-2007-5395.patch @@ -0,0 +1,21 @@ +diff -Nur tomboy-0.4.1/Tomboy/tomboy.in tomboy-0.4.1.new/Tomboy/tomboy.in +--- tomboy-0.4.1/Tomboy/tomboy.in 2005-10-19 11:55:23.000000000 +0200 ++++ tomboy-0.4.1.new/Tomboy/tomboy.in 2007-11-13 23:57:19.000000000 +0100 +@@ -1,14 +1,14 @@ +-#!/bin/sh ++#!/bin/bash + + if [ -e ./@target@ ] && [ -e ./Makefile.am ] ; then + echo "*** Running uninstalled @target@ ***" + +- export LD_LIBRARY_PATH="../libtomboy/.libs:$LD_LIBRARY_PATH" ++ export LD_LIBRARY_PATH="../libtomboy/.libs${LD_LIBRARY_PATH+:$LD_LIBRARY_PATH}" + export TOMBOY_WRAPPER_PATH="$PWD/@wrapper@" + + THIS_EXE="--debug ./@target@" + else +- export LD_LIBRARY_PATH="@pkglibdir@:$LD_LIBRARY_PATH" ++ export LD_LIBRARY_PATH="@pkglibdir@${LD_LIBRARY_PATH+:$LD_LIBRARY_PATH}" + export TOMBOY_WRAPPER_PATH="@bindir@/@wrapper@" + + THIS_EXE="@pkglibdir@/@target@"