diff options
| author | Till Kamppeter <till.kamppeter@gmail.com> | 2012-02-10 21:26:41 +0100 |
|---|---|---|
| committer | Till Kamppeter <till.kamppeter@gmail.com> | 2012-02-10 21:26:41 +0100 |
| commit | 6850631f9e7a0c6133a03f356e5d2769f746f354 (patch) | |
| tree | 5efb2518f5904466f856cb2d57feac6e98bf545f | |
| parent | 3fd20bb03cacfb98a14670e6f3d3eba6657884e8 (diff) | |
foomatic-filters 4.0.10.
| -rw-r--r-- | debian/changelog | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/debian/changelog b/debian/changelog index 561b210..af035c3 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,16 @@ +foomatic-filters (4.0.10-1) UNRELEASED; urgency=low + + * New upstream release + - SECURITY FIX: Use the mktemp shell command/mkstemp() function to create + the debug log file and the renderer input data file (both files only + generated when foomatic-rip is un in debug mode) with file names with an + unpredictable part. The names are /tmp/foomatic-rip-XXXXXX.log and + /tmp/foomatic-rip-YYYYYY.ps where the XXXXXX and YYYYYY are replaced by + random strings. Thanks to Tim Waugh from Red Hat for for the patch + (Upstream bug #936, CVE-2011-2924). + + -- Till Kamppeter <till.kamppeter@gmail.com> Fri, 10 Feb 2012 21:18:03 +0100 + foomatic-filters (4.0.9-1ubuntu2) oneiric; urgency=low * debian/patches/use-ghostscript-for-pdf-to-ps.patch: Use Ghostscript instead |