diff options
| -rw-r--r-- | debian/changelog | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/debian/changelog b/debian/changelog index 561b210..af035c3 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,16 @@ +foomatic-filters (4.0.10-1) UNRELEASED; urgency=low + + * New upstream release + - SECURITY FIX: Use the mktemp shell command/mkstemp() function to create + the debug log file and the renderer input data file (both files only + generated when foomatic-rip is un in debug mode) with file names with an + unpredictable part. The names are /tmp/foomatic-rip-XXXXXX.log and + /tmp/foomatic-rip-YYYYYY.ps where the XXXXXX and YYYYYY are replaced by + random strings. Thanks to Tim Waugh from Red Hat for for the patch + (Upstream bug #936, CVE-2011-2924). + + -- Till Kamppeter <till.kamppeter@gmail.com> Fri, 10 Feb 2012 21:18:03 +0100 + foomatic-filters (4.0.9-1ubuntu2) oneiric; urgency=low * debian/patches/use-ghostscript-for-pdf-to-ps.patch: Use Ghostscript instead |