On Sat, Jul 09, 2005 at 11:30:50AM +0000, Kurt Roeckx <[EMAIL PROTECTED]> wrote: > It seems your package is linked staticly to zlib. There recently was a > new version of zlib uploaded that fixed a security issue, so your > package probably needs to be rebuild agains the new version. See > DSA-740.
Michael Stone points out that there doesn't seem to be an attack vector for this; aide only uses zlib for creating and opening its own database, and if a user is able to modify that then they've already compromised the system. I'm willing to listen to persuasive arguments in favor of an update, though, so I'll leave this bug open for a little longer. -- Mike Markley <[EMAIL PROTECTED]> -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
