UbuntuUpdates.org

Package "usb-creator"

Name: usb-creator

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • create a startup disk using a CD or disc image (common files)
  • create a startup disk using a CD or disc image (for GNOME)
  • create a startup disk using a CD or disc image (for KDE)

Latest version: 0.2.38.3ubuntu0.1
Release: precise (12.04)
Level: updates
Repository: main

Links



Other versions of "usb-creator" in Precise

Repository Area Version
base main 0.2.38
security main 0.2.38.3ubuntu0.1

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 0.2.38.3ubuntu0.1 2015-04-23 15:06:15 UTC

  usb-creator (0.2.38.3ubuntu0.1) precise-security; urgency=medium

  * SECURITY UPDATE: privilege escalation via missing polkit check
    (LP: #1447396)
    - bin/usb-creator-helper, dbus/com.ubuntu.usbcreator.policy.in: add
      proper polkit integration for KVM use.
    - CVE number pending
 -- Marc Deslauriers <email address hidden> Wed, 22 Apr 2015 23:18:51 -0400

Source diff to previous version
1447396 Tavis Ormandy discovered a local root vulnerability with the com.ubuntu.USBCreator dbus service

Version: 0.2.38.3 2014-05-14 00:08:31 UTC

  usb-creator (0.2.38.3) precise-proposed; urgency=low

  [ Chris Wulff ]
  * Initialise threads, before starting background task thread. (LP:
    #915626)
 -- Brian Murray <email address hidden> Mon, 16 Dec 2013 16:08:05 -0800

Source diff to previous version

Version: 0.2.38.2 2013-09-18 19:07:33 UTC

  usb-creator (0.2.38.2) precise-security; urgency=low

  * SECURITY UPDATE: possible privilege escalation via policykit UID lookup
    race.
    - bin/usb-creator-helper: pass system-bus-name as a subject instead of
      pid so policykit can get the information from the system bus.
    - CVE-2013-1063
  * This update does _not_ include the changes from 0.2.38.1 that was
    in precise-proposed.
 -- Marc Deslauriers <email address hidden> Wed, 18 Sep 2013 11:34:06 -0400

CVE-2013-1063 RESERVED



About   -   Send Feedback to @ubuntu_updates