Ubuntu
super package

CVE 2011-2776

Oneiric (11.10)
Bug #954579

Bug #954579 reported by Julian Taylor on 2012-03-13

260

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	super (Ubuntu)
	Oneiric	Fix Released	Undecided	Unassigned

Bug Description

the oneiric version of super is still vulnerable to CVE 2011-2776

Related branches

lp:~jtaylor/ubuntu/oneiric/super/CVE-2011-2776

Merged into lp:ubuntu/oneiric/super

Marc Deslauriers: Approve on 2012-03-14

Ubuntu branches: Pending requested 2012-03-13

lp:ubuntu/oneiric-security/super

CVE References

2011-2776

Julian Taylor (jtaylor) on 2012-03-13

no longer affects:

super (Ubuntu)

Marc Deslauriers (mdeslaur) on 2012-03-14

visibility:

private → public

Revision history for this message

Marc Deslauriers (mdeslaur) wrote on 2012-03-14:

ACK on the debdiff, thanks!

Packages will build now and will be released as security updates in the next few hours.

Revision history for this message

Launchpad Janitor (janitor) wrote on 2012-03-14:

This bug was fixed in the package super - 3.30.0-5ubuntu0.1

---------------
super (3.30.0-5ubuntu0.1) oneiric-security; urgency=low

  * SECURITY UPDATE: buffer overflow when logging via syslog (LP: #954579).
   - 12-Use-vsnprintf.patch:
     use vsnprintf to prevent overflow
   - 13-Potential-format-string-vulnerability.patch
   - Thanks to Robert Luberda
   - CVE-2011-2776
-- Julian Taylor <email address hidden> Wed, 14 Mar 2012 00:22:33 +0100

Changed in super (Ubuntu Oneiric):
status:	New → Fix Released

Report a bug

This report contains Public Security information

Everyone can see this security related information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.

Ubuntusuper package