-
colord (0.1.12-1ubuntu2.1) oneiric-security; urgency=low
* SECURITY UPDATE: arbitrary database modification via SQL injection
- debian/patches/CVE-2011-4349.diff: Use sqlite3_mprintf in
src/cd-device-db.c, src/cd-mapping-db.c.
- CVE-2011-4349
-- Marc Deslauriers <email address hidden> Tue, 29 Nov 2011 08:48:45 -0500
-
colord (0.1.12-1ubuntu2) oneiric; urgency=low
* debian/control: Add missing liblcms2-dev, libdbus-1-dev, libglib2.0-dev
dependencies to libcolord-dev, to fix FTBFS of reverse dependencies.
-- Martin Pitt <email address hidden> Tue, 20 Sep 2011 06:48:06 +0200
-
colord (0.1.12-1ubuntu1) oneiric; urgency=low
* New upstream release
* libcolord1.symbols:
- Updated symbols
* debian/patches/02_add_enable_volume_search.diff:
* debian/patches/03_enable_running_as_system_user.diff:
* debian/patches/04_udev_sensor_acls.diff:
- Removed upstream patches
-- Rodrigo Moya <email address hidden> Mon, 19 Sep 2011 17:40:44 +0200
-
colord (0.1.11-1ubuntu2) oneiric; urgency=low
* debian/patches/06_use_dbus_security_for_permissions.diff:
- Patch to allow root and at_console access to access the colord service.
This matches the default PolicyKit rules.
* debian/patches/07_fix_disable_polkit_build.diff:
- Fix the build when passing --disable-polkit
* debian/rules:
* debian/control:
- Disable PolicyKit support, in favour of the dbus security introduced
above. PolicyKit is not usable as access control to a non-root service.
(LP: #837851)
-- Christopher James Halse Rogers <email address hidden> Fri, 02 Sep 2011 17:09:42 +1000
-
colord (0.1.11-1ubuntu1) oneiric; urgency=low
* debian/patches/02_add_enable_volume_search.diff
- Cherry-pick from upstream, adding an option to prevent the daemon from
automatically attempting to import colour profiles on removable media.
* debian/patches/03_enable_running_as_system_user.diff
- Cherry-pick from upstream, adding an option to run the daemon as a system
user rather than root.
* debian/rules:
* debian/control:
* debian/colord.postinst:
- Enable the above options, and run the daemon as the 'colord' user.
Resolves security concerns from MIR (bug 823185).
* debian/patches/04_udev_sensor_acls.diff
- Add an acl to the colourimetry sensors to allow the daemon to access them
now that it's not running as root.
* debian/control:
- Recommend icc-profiles-free so that we have some colour spaces by default
* debian/gbp.conf:
- Point at ubuntu branch.
* debian/patches/05_adapt_fallbacks_to_icc_profiles.diff:
- Adapt the StandardSpaces mapping to match the profiles found in
icc-profiles-free.
-- Christopher James Halse Rogers <email address hidden> Wed, 24 Aug 2011 10:44:21 +1000
-
colord (0.1.11-1) unstable; urgency=low
* Initial release (Closes: #633518, LP: #741448)
-- Chris Halse Rogers <email address hidden> Mon, 08 Aug 2011 09:56:33 +0000