Imported Upstream version 4.0.10upstream/4.0.10

author: Till Kamppeter <till.kamppeter@gmail.com> 2012-02-10 21:12:59 +0100
committer: Till Kamppeter <till.kamppeter@gmail.com> 2012-02-10 21:12:59 +0100
commit: c0f0a7a97bb2d3ab217b9753351431509ea40840 (patch)
tree: 3d26edce048b73759d584cc9c28ea16ee4af1dd6 /ChangeLog
parent: d128dcd243d7115c292255621f819356772945d2 (diff)
1 files changed, 17 insertions, 0 deletions
diff --git a/ChangeLog b/ChangeLog
index c51a731..3ceebe4 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,20 @@
+2012-02-10  Till Kamppeter <till.kamppeter@gmail.com>
+
+	* Tagged branch for release 4.0.10.
+
+	* VERSION, README, USAGE, configure.ac: Updated for release 4.0.10.
+
+2011-08-18  Till Kamppeter <till.kamppeter@gmail.com>
+
+	* foomaticrip.c, renderer.c: SECURITY FIX: Use the mktemp shell
+	  command/mkstemp() function to create the debug log file and the
+	  renderer input data file (both files only generated when
+	  foomatic-rip is un in debug mode) with file names with an
+	  unpredictable part. The names are /tmp/foomatic-rip-XXXXXX.log and
+	  /tmp/foomatic-rip-YYYYYY.ps where the XXXXXX and YYYYYY are
+	  replaced by random strings. Thanks to Tim Waugh from Red Hat for
+	  for the patch (bug #936, CVE-2011-2924).
+
 2011-07-25  Till Kamppeter <till.kamppeter@gmail.com>
 
 	* Tagged branch for release 4.0.9.
author	Till Kamppeter <till.kamppeter@gmail.com>	2012-02-10 21:12:59 +0100
committer	Till Kamppeter <till.kamppeter@gmail.com>	2012-02-10 21:12:59 +0100
commit	c0f0a7a97bb2d3ab217b9753351431509ea40840 (patch)
tree	3d26edce048b73759d584cc9c28ea16ee4af1dd6 /ChangeLog
parent	d128dcd243d7115c292255621f819356772945d2 (diff)