On Thu, 23 Jun 2005 [EMAIL PROTECTED] wrote:
a remote-dos-vulnerability in spamassassin 3.0.1-3.0.3 was announced a week
ago. while most other distributions have since then reacted on this a debian
stable security fix seems still unavailable. on the package maintainer's page
it says the fix is long done and is just waiting for the security-team to act
on it [0].
so my question is: why has the fix not been released yet (after 7 days)?
after all, a remotely exploitable bug in most mailreceiving systems should
have a rather high priority.
There is also a bug in su package which is since 6 days not fixed. Hallo,
security team, wake up! Debian Sarge is buggy! Sarge is dangerous.
Marek
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
