Package: elog Version: 2.6.2 We recently came across a Denial of Service vulnerability in ELOG's elogd server which allows attackers to crash the service, thereby preventing legitimate access.
We worked with Mr. Stefan Ritt of midas.psi.ch to fix the issue and the fix has been made available in the website, http://savannah.psi.ch/websvn/log.php?repname=elog&path=%2Ftrunk%2F&rev=0&sc=0&isdir=1 Attached is our security advisory which describes the vulnerability in detail. We noticed that debian package of elog is also vulnerable. We would like to go public with the advisory. Please let us know when you can have the fix incorporated in your package. A quick and positive response from your side would be highly appreciated. Thanks, OS2A -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
