Jeroen van Wolffelaar wrote:
tags 318286 sarge
thanks
On Thu, Jul 14, 2005 at 05:36:34PM +0300, Joey Hess wrote:
oftpd is vulnerable to anothere security hole. This time a crafted FTP
USER command can cause a crash. Since a buffer overflow is involved,
it's possible that this can be used to execute arbitrary code.
Details here: http://securitytracker.com/alerts/2005/Jul/1014413.html
I just removed it from unstable at the maintainer's request, as the same
version is in sarge, it probably should be dropped from sarge too in a
point release.
Removing a vulnerable package (because it is vulnerable) is a very bad idea.
Regards,
Joey
--
Life is too short to run proprietary software. -- Bdale Garbee
Please always Cc to me when replying to me on the lists.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]