registry team mailing list archive

Thread
Date

[Bug 677226] Re: CVE-2010-4170 and CVE-2010-4171: staprun module loading/unloading security fixes

To: registry@xxxxxxxxxxxxxxxxxxx
From: Launchpad Bug Tracker <677226@xxxxxxxxxxxxxxxxxx>
Date: Tue, 23 Nov 2010 17:43:20 -0000
Reply-to: Bug 677226 <677226@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

This bug was fixed in the package systemtap - 1.3-1ubuntu1

---------------
systemtap (1.3-1ubuntu1) natty; urgency=low

  [ Lorenzo De Liso ]
  * SECURITY UPDATE: staprun module loading/unloading security fixes
    (LP: #677226)
    - debian/patches/CVE-2010-4170+CVE-2010-4171.patch
    - CVE 2010-4170
    - CVE 2010-4171

  [ Steve Beattie ]
  * debian/rules, debian/systemtap-runtime.postinst: restrict
    executable access to group stapusr to match upstream intent
 -- Steve Beattie <sbeattie@xxxxxxxxxx>   Fri, 19 Nov 2010 15:32:49 -0800

-- 
CVE-2010-4170 and CVE-2010-4171: staprun module loading/unloading security fixes
https://bugs.launchpad.net/bugs/677226
You received this bug notification because you are a member of Registry
Administrators, which is the registrant for Debian.

References

[Bug 677226] [NEW] CVE-2010-4170 and CVE-2010-4171: staprun module loading/unloading security fixes
From: Lorenzo De Liso, 2010-11-18