Your message dated Tue, 31 Jul 2007 23:13:56 +1000
with message-id <[EMAIL PROTECTED]>
and subject line fixed in 2.4.3.31-1
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--- Begin Message ---
Package: tinymux
Severity: important
Hi mate
There is a CVE[0] report which states that tinymux is vulnerable as
followed:
Buffer overflow in TinyMUX before 2.4 allows attackers to cause a denial
of service via unspecified vectors related to "too many substring
matches in a regexp $-command." NOTE: some of these details are obtained
from third party information.
Please also see this advisory[1], which explains that the versions prior
to 2.4.3.34 are affected.
Can you please invesitage this.
Thanks for your efforts.
Cheers
Steffen
[0]:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1958
[1]: http://www.frsirt.com/english/advisories/2007/1213
--- End Message ---
--- Begin Message ---
Sorry for the noise. Issue was fixed in 2.4.3.31-1 .
Cheers
Steffen
signature.asc
Description: This is a digitally signed message part.
--- End Message ---
