Merge tag 'upstream/4.0.10'

Upstream version 4.0.10
author: Till Kamppeter <till.kamppeter@gmail.com> 2012-02-10 21:13:00 +0100
committer: Till Kamppeter <till.kamppeter@gmail.com> 2012-02-10 21:13:00 +0100
commit: 3fd20bb03cacfb98a14670e6f3d3eba6657884e8 (patch)
tree: 0893115f17bc69f5fad549fcebf1d4ae496524f9 /ChangeLog
parent: de36f9a56267ec98cacac15795131f2384843124 (diff)
parent: c0f0a7a97bb2d3ab217b9753351431509ea40840 (diff)
1 files changed, 17 insertions, 0 deletions
diff --git a/ChangeLog b/ChangeLog
index c51a731..3ceebe4 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,20 @@
+2012-02-10  Till Kamppeter <till.kamppeter@gmail.com>
+
+	* Tagged branch for release 4.0.10.
+
+	* VERSION, README, USAGE, configure.ac: Updated for release 4.0.10.
+
+2011-08-18  Till Kamppeter <till.kamppeter@gmail.com>
+
+	* foomaticrip.c, renderer.c: SECURITY FIX: Use the mktemp shell
+	  command/mkstemp() function to create the debug log file and the
+	  renderer input data file (both files only generated when
+	  foomatic-rip is un in debug mode) with file names with an
+	  unpredictable part. The names are /tmp/foomatic-rip-XXXXXX.log and
+	  /tmp/foomatic-rip-YYYYYY.ps where the XXXXXX and YYYYYY are
+	  replaced by random strings. Thanks to Tim Waugh from Red Hat for
+	  for the patch (bug #936, CVE-2011-2924).
+
 2011-07-25  Till Kamppeter <till.kamppeter@gmail.com>
 
 	* Tagged branch for release 4.0.9.
author	Till Kamppeter <till.kamppeter@gmail.com>	2012-02-10 21:13:00 +0100
committer	Till Kamppeter <till.kamppeter@gmail.com>	2012-02-10 21:13:00 +0100
commit	3fd20bb03cacfb98a14670e6f3d3eba6657884e8 (patch)
tree	0893115f17bc69f5fad549fcebf1d4ae496524f9 /ChangeLog
parent	de36f9a56267ec98cacac15795131f2384843124 (diff)
parent	c0f0a7a97bb2d3ab217b9753351431509ea40840 (diff)