* SECURITY UPDATE: c_rehash script allows command injection
- debian/patches/CVE-2022-1292.patch: switch to upstream patch, and
apply it before c_rehash-compat.patch.
- debian/patches/CVE-2022-2068.patch: fix file operations in
tools/c_rehash.in.
- debian/patches/c_rehash-compat.patch: updated patch to apply after
the security updates.
- CVE-2022-2068
-- Marc Deslauriers <email address hidden> Wed, 15 Jun 2022 14:16:37 -0400
This bug was fixed in the package openssl - 1.1.1f-1ubuntu2.15
--------------- 1ubuntu2. 15) focal-security; urgency=medium
openssl (1.1.1f-
* SECURITY UPDATE: c_rehash script allows command injection patches/ CVE-2022- 1292.patch: switch to upstream patch, and compat. patch. patches/ CVE-2022- 2068.patch: fix file operations in c_rehash. in. patches/ c_rehash- compat. patch: updated patch to apply after
- debian/
apply it before c_rehash-
- debian/
tools/
- debian/
the security updates.
- CVE-2022-2068
-- Marc Deslauriers <email address hidden> Wed, 15 Jun 2022 14:16:37 -0400