[pkg-bacula-commits] [bacula] 03/03: Note CVE 2017-14610 in changelog, prepare debian version 9.0.4+dfsg-3
Carsten Leonhardt
leo at moszumanska.debian.org
Thu Oct 26 20:28:37 UTC 2017
This is an automated email from the git hooks/post-receive script.
leo pushed a commit to branch master
in repository bacula.
commit 75d1b172f6422451aa48792a4f6ffe1588d51e13
Author: Carsten Leonhardt <leo at debian.org>
Date: Thu Oct 26 22:27:50 2017 +0200
Note CVE 2017-14610 in changelog, prepare debian version 9.0.4+dfsg-3
---
debian/changelog | 10 ++++++++--
1 file changed, 8 insertions(+), 2 deletions(-)
diff --git a/debian/changelog b/debian/changelog
index 57b42c7..e4b0c14 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,10 +1,16 @@
-bacula (9.0.4+dfsg-3) unstable; urgency=medium
+bacula (9.0.4+dfsg-3) unstable; urgency=high
+ [Sven Hartge]
+ * Let PID files be owned by root. Mitigates a minor security problem
+ similar to CVE 2017-14610. Note that this change disables automatic
+ tracebacks.
+
+ [Carsten Leonhardt]
* Removed lintian override for
virtual-package-depends-without-real-package-depends, fixed in lintian
* Updated Standards-Version to 4.1.1, no changes required
- --
+ -- Carsten Leonhardt <leo at debian.org> Thu, 26 Oct 2017 22:26:35 +0200
bacula (9.0.4+dfsg-2) unstable; urgency=low
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-bacula/bacula.git
More information about the pkg-bacula-commits
mailing list