Branches for Raring

Author: Colin Watson
Revision Date: 2013-02-25 20:36:40 UTC

* Backport from upstream (Simon Tatham, closes: #701425):
  - Check the return values of setuid and friends.
  - Remove the half-hearted attempt to make the utmp helper process drop
    privileges just before dying of a fatal signal.

Author: Colin Watson
Revision Date: 2013-08-07 11:50:45 UTC

* CVE-2013-4206: Buffer underrun in modmul could corrupt the heap.
* CVE-2013-4852: Negative string length in public-key signatures could
  cause integer overflow and overwrite all of memory (closes: #718779).
* CVE-2013-4207: Non-coprime values in DSA signatures can cause buffer
  overflow in modular inverse.
* CVE-2013-4208: Private keys were left in memory after being used by
  PuTTY tools.
* Backport some general proactive potentially-security-relevant tightening
  from upstream.

Author: Colin Watson
Revision Date: 2013-08-07 11:50:45 UTC

* CVE-2013-4206: Buffer underrun in modmul could corrupt the heap.
* CVE-2013-4852: Negative string length in public-key signatures could
  cause integer overflow and overwrite all of memory (closes: #718779).
* CVE-2013-4207: Non-coprime values in DSA signatures can cause buffer
  overflow in modular inverse.
* CVE-2013-4208: Private keys were left in memory after being used by
  PuTTY tools.
* Backport some general proactive potentially-security-relevant tightening
  from upstream.

Author: Colin Watson
Revision Date: 2013-02-25 20:36:40 UTC

* Backport from upstream (Simon Tatham, closes: #701425):
  - Check the return values of setuid and friends.
  - Remove the half-hearted attempt to make the utmp helper process drop
    privileges just before dying of a fatal signal.