On Mon May 27, 2002 at 12:39:07AM -0700, Ben Reser wrote: > > Oops, I just found the issue, fixed the rpm and provided it..., maybe I > > shouldn't have... > > Not your fault Oden. Really it isn't a problem. I'm not convinced you > and vdanen are talking about the same thing but I can't really go into > details and explain it. vdanen will get it cleared up though. :)
Actually, it's kinda funny. RedHat posted their updates which fix an RFC822 bug we were supposed to coordinate... but they referenced this other buffer overflow but it doesn't look like they included the patch (Caldera did, however). Anyways, I put in a new version that has the proper patch applied (the overflow patch was for a different bug, not referenced in their advisory, although they didn't look to fix the bug that they *did* reference). At any rate, since srpms are under public scrutiny, I assume the RFC822 bug is public now and ours will be available shortly. -- MandrakeSoft Security; http://www.mandrakesecure.net/ "lynx -source http://www.freezer-burn.org/bios/vdanen.gpg | gpg --import" 1024D/FE6F2AFD 88D8 0D23 8D4B 3407 5BD7 66F9 2043 D0E5 FE6F 2AFD Current Linux kernel 2.4.18-6.4mdk uptime: 4 days 2 hours 50 minutes.
msg64896/pgp00000.pgp
Description: PGP signature
