986e548e28
Multiple security fixes, update to 2.1.1 OBS-URL: https://build.opensuse.org/request/show/254842 OBS-URL: https://build.opensuse.org/package/show/shells/fish?expand=0&rev=4
36 lines
1.4 KiB
Plaintext
36 lines
1.4 KiB
Plaintext
-------------------------------------------------------------------
|
|
Thu Oct 9 12:05:02 UTC 2014 - seanpwatson@live.com
|
|
|
|
- update to 2.1.1
|
|
- The fish_config web interface now uses an authentication token
|
|
to protect requests and only responds to requests from the local
|
|
machine with this token, preventing a remote code execution attack
|
|
(closing CVE-2014-2914).
|
|
- psub and funced are no longer vulnerable to attacks which
|
|
allow local privilege escalation and data tampering (closing
|
|
CVE-2014-2906 and CVE-2014-3856)
|
|
- fishd uses a secure path for its socket, preventing a local
|
|
privilege escalation attack (closing CVE-2014-2905)
|
|
- __fish_print_packages is no longer vulnerable to attacks which
|
|
would allow local privilege escalation and data tampering
|
|
(closing CVE-2014-3219)
|
|
-fishd now ignores SIGPIPE, fixing crashes using tools like
|
|
GNU Parallel and which occurred more often as a result of
|
|
the other fishd changes.
|
|
-------------------------------------------------------------------
|
|
Sat Oct 12 20:34:28 UTC 2013 - mailaender@opensuse.org
|
|
|
|
- update to 2.1.0
|
|
- removed rpath patch as it has been resolved upstream
|
|
|
|
-------------------------------------------------------------------
|
|
Sat May 18 06:36:25 UTC 2013 - mailaender@opensuse.org
|
|
|
|
- Update to version 2.0
|
|
|
|
-------------------------------------------------------------------
|
|
Sat Mar 28 00:00:00 UTC 2009 - bitshuffler@opensuse.org
|
|
|
|
- Initial RPM
|
|
|