I believe I have another example of a more serious mistake:
grave bugs of bzip2 (1.0.5-0.1 - 1.0.5-1) done
#471670 - bzip2: CVE-2008-1372 buffer over-read via crafted archive file
(Fixed: 1.0.5-0.1)
I have the version that fixes the CVE issue, and yet apt-listbugs warns about
the bug, as if
At Mon, 25 Aug 2008 10:06:12 -0300,
Felipe Figueiredo wrote:
I believe I have another example of a more serious mistake:
grave bugs of bzip2 (1.0.5-0.1 - 1.0.5-1) done
#471670 - bzip2: CVE-2008-1372 buffer over-read via crafted archive file
(Fixed: 1.0.5-0.1)
I have the version that
grave bugs of bzip2 (1.0.5-0.1 - 1.0.5-1) done
#471670 - bzip2: CVE-2008-1372 buffer over-read via crafted archive file
(Fixed: 1.0.5-0.1)
This bug log itself is borken.
It is marked as found and fixed in 1.0.5-0.1.
Can you fix that please?
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
3 matches
Mail list logo
