Elrond wrote:
> Nearly all the relevant information, that is currently
> available regarding this issue, is in the bug logs.
> (see: <http://bugs.debian.org/365680>)
>
> Very Short summary:
>
> * bufferoverflow in C code
> * remotely exploitable
> * CVE has been requested by micah
> * Untested patch exists
>
> I _might_ be able to test, wether the package still works
> with the patch within the next 24 to 48 hours, but don't
> hold your breath on this.
Please let us know.
> As this has been disclosed publicly now anyway, I'd suggest
> keeping all important (new) information in the bug logs for
> easy review by interested parties.
Update prepared.
Regards,
Joey
--
It's practically impossible to look at a penguin and feel angry.
Please always Cc to me when replying to me on the lists.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
