Elrond wrote: > Nearly all the relevant information, that is currently > available regarding this issue, is in the bug logs. > (see: <http://bugs.debian.org/365680>) > > Very Short summary: > > * bufferoverflow in C code > * remotely exploitable > * CVE has been requested by micah > * Untested patch exists > > I _might_ be able to test, wether the package still works > with the patch within the next 24 to 48 hours, but don't > hold your breath on this.
Please let us know. > As this has been disclosed publicly now anyway, I'd suggest > keeping all important (new) information in the bug logs for > easy review by interested parties. Update prepared. Regards, Joey -- It's practically impossible to look at a penguin and feel angry. Please always Cc to me when replying to me on the lists. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]