So as if vacation messages were not enough, now we have nonsense replies? Listmaster, please unsubscribe this user: [email protected]
Rhett Jones escreveu: > Ok no worries talk then > > -----Original Message----- > From: Steffen Joeris [mailto:[email protected]] > Sent: Saturday, 21 March 2009 1:11 AM > To: [email protected] > Subject: [SECURITY] [DSA 1747-1] New glib2.0 packages fix arbitrary code > execution > Importance: High > > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > - ------------------------------------------------------------------------ > Debian Security Advisory DSA-1747-1 [email protected] > http://www.debian.org/security/ Steffen Joeris > March 20, 2009 http://www.debian.org/security/faq > - ------------------------------------------------------------------------ > > Package : glib2.0 > Vulnerability : integer overflow > Problem type : local (remote) > Debian-specific: no > CVE Id : CVE-2008-4316 > Debian Bugs : 520046 > > > Diego Petten discovered that glib2.0, the GLib library of C routines, > handles large strings insecurely via its Base64 encoding functions. This > could possible lead to the execution of arbitrary code. > > > For the stable distribution (lenny), this problem has been fixed in > version 2.16.6-1+lenny1. > > For the oldstable distribution (etch), this problem has been fixed in > version 2.12.4-2+etch1. > > For the testing distribution (squeeze), this problem will be fixed soon. > > For the unstable distribution (sid), this problem has been fixed in > version 2.20.0-1. > > > We recommend that you upgrade your glib2.0 packages. > > -- Eduardo M Kalinowski [email protected] -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]
