-
sysstat (12.2.0-2ubuntu0.3) focal-security; urgency=medium
* SECURITY UPDATE: overflow in arithmetic multiplication
- debian/patches/CVE-2023-33204.patch: fix overflow check logic in
check_overflow() in common.c.
- CVE-2023-33204
-- Rodrigo Figueiredo Zaiden <email address hidden> Mon, 05 Jun 2023 11:19:10 -0300
-
sysstat (12.2.0-2ubuntu0.2) focal-security; urgency=medium
* SECURITY UPDATE: overflow in arithmetic multiplication
- debian/patches/CVE-2022-39377-1.patch: fix size_t overflow in
common.c, common.h, sa_common.c.
- debian/patches/CVE-2022-39377-2.patch: add more overflow checks in
common.c, common.h, sa_common.c, sadc.c.
- debian/patches/CVE-2022-39377-3.patch: make sure values to be
compared are unsigned integers in common.c, common.h, sa_common.c,
sadc.c.
- CVE-2022-39377
-- Marc Deslauriers <email address hidden> Fri, 25 Nov 2022 12:57:50 -0500
-
sysstat (12.2.0-2ubuntu0.1) focal; urgency=medium
* d/p/12-fix-wMB-json-output.patch: Correct values for the number of
megabytes written to the device per second when using JSON output.
Thanks to Sebastien GODARD <email address hidden> #264
on upstream (LP: #1888345).
-- Miriam EspaƱa Acebal <email address hidden> Mon, 09 Aug 2021 16:08:06 +0200
-
sysstat (12.2.0-2) unstable; urgency=medium
* Add 11-Double-free-in-check_file_actlst.patch, taken from upstream,
to really fix CVE-2019-19725 (closes: #946657).
-- Robert Luberda <email address hidden> Mon, 23 Dec 2019 20:11:03 +0100
-
sysstat (12.2.0-1) unstable; urgency=medium
* New upstream stable version:
+ fixes double free in check_file_actlst in check_file_actlst in
sa_common.c (CVE-2019-19725, closes: #946657).
* Replace debian/compat file with build dependency on debhelper-compat.
* Add lintian overrides for manpages that document internal programs
shipped in /usr/lib/sysstat.
* Add upstream metadata file.
-- Robert Luberda <email address hidden> Sun, 22 Dec 2019 12:44:20 +0100
-
sysstat (12.1.7-1) unstable; urgency=medium
* New upstream development version:
+ fixes memory corruption bug due to integer overflow in remap_struct()
function (CVE-2019-16167, closes: #939914).
* debian/control:
+ switch Build-Depends to libsensors-dev from libsensors4-dev
(closes: #917450);
+ Standards-Version: 4.4.1 (no changes).
-- Robert Luberda <email address hidden> Sat, 02 Nov 2019 11:55:12 +0100
-
sysstat (12.0.6-1) unstable; urgency=medium
* New upstream stable version.
-- Robert Luberda <email address hidden> Sun, 18 Aug 2019 13:05:20 +0200