fixed 585162 1.4.6-1 thanks Thanks for the notice Moritz. I'm already aware of the issue, and I've uploaded over a week ago the new upstream that fixes it.
On Wed, Jun 09, 2010 at 07:01:44PM +0200, Moritz Muehlenhoff wrote [edited]: > please see http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2060 That page is wrong in stating that 1.4.6-1 is vulnerable. > | Beanstalkd is meant to be ran in a trusted network, as it has no > | authorisation/authentication mechanisms. > > this is likely a non-issue? Indeed, it's no big deal, but nevertheless should be fixed for squeeze. I did the upload with urgency=medium, but it got stuck due to a random (unreproducible) build error in a mips host. I'll give them yet another ping to retry the build (not sure whether they missed my request, or they just have a long backlog). I'll close the bug as soon as 1.4.5 is gone from testing. Cheers, Serafeim -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]
