Package "bzr-doc"

Name:	bzr-doc
Description:	easy to use distributed version control system (documentation)
Latest version:	2.5.1-0ubuntu2.1
Release:	precise (12.04)
Level:	security
Repository:	main
Head package:	bzr
Homepage:	http://bazaar-vcs.org

Links

Raw Package Information

All versions of this package

Bug fixes

List of files in package

Repository home page

Download "bzr-doc"

All arch deb package

APT INSTALL

Other versions of "bzr-doc" in Precise

Repository	Area	Version
base	main	2.5.0-2ubuntu2
updates	main	2.5.1-0ubuntu2.1

Changelog

Version: 2.5.1-0ubuntu2.1 2021-05-03 14:07:14 UTC

bzr (2.5.1-0ubuntu2.1) precise-security; urgency=medium * SECURITY UPDATE: Possible arbitrary code execution on clients through malicious bzr+ssh URLs - debian/patches/24_ssh_hostnames-lp1710979.patch: ensure that host arguments to ssh cannot be treated as ssh options. - debian/patches/fixing_test_fail.patch: test fails for test_smart_transport.py this patch comment the offended line out. - LP: #1710979 - CVE-2017-14176 -- <email address hidden> (Leonidas S. Barbosa) Thu, 19 Oct 2017 13:29:36 -0300

1710979	bzr+ssh URLs don't strip SSH options
CVE-2017-14176	Bazaar through 2.7.0, when Subprocess SSH is used, allows remote attackers to execute arbitrary commands via a bzr+ssh URL with an initial dash chara

About - Send Feedback to @ubuntu_updates

Package "bzr-doc"

Links

Download "bzr-doc"

Other versions of "bzr-doc" in Precise

Changelog

Share this page

Bookmarks

Latest updates

proposed

PPA updates