Bug#349653: xmame: exploitable buffer overflows [CVE-2006-0176]

2006-04-13 Thread Pierre Riteau
On Wed, Apr 12, 2006 at 05:59:45PM +0200, Moritz Muehlenhoff wrote: The Debian security FAQ says that non-free is not supported, and I understand why. But it also says that if it is fixable, an update can be made. There were (a few) non-free security updates in the past. I see that

Bug#349653: xmame: exploitable buffer overflows [CVE-2006-0176]

2006-04-12 Thread Moritz Muehlenhoff
Pierre Riteau wrote: On Wed, Apr 05, 2006 at 11:00:16AM +0200, Moritz Muehlenhoff wrote: x11 isn't setuid at all. -sdl has a strong debconf warning, that setuid root is a risk (I guess it's used for DGA?) and the user can select it. Only svgalib is setuid root, but a system running svgalib

Bug#349653: xmame: exploitable buffer overflows [CVE-2006-0176]

2006-04-05 Thread Moritz Muehlenhoff
On Tue, Apr 04, 2006 at 02:56:21PM +0200, Pierre Riteau wrote: This bug has been pending for more than two months and no fix in Debian yet... Does Bruno still track his bugs? Here are two patches for both Sarge and Sid versions. Pierre Riteau (CC'ing [EMAIL PROTECTED] for the stable fix,

Bug#349653: xmame: exploitable buffer overflows [CVE-2006-0176]

2006-04-05 Thread Steve Langasek
On Wed, Apr 05, 2006 at 10:08:55AM +0200, Moritz Muehlenhoff wrote: On Tue, Apr 04, 2006 at 02:56:21PM +0200, Pierre Riteau wrote: This bug has been pending for more than two months and no fix in Debian yet... Does Bruno still track his bugs? Here are two patches for both Sarge and Sid

Bug#349653: xmame: exploitable buffer overflows [CVE-2006-0176]

2006-04-05 Thread Moritz Muehlenhoff
Steve Langasek wrote: This bug has been pending for more than two months and no fix in Debian yet... Does Bruno still track his bugs? Here are two patches for both Sarge and Sid versions. Pierre Riteau (CC'ing [EMAIL PROTECTED] for the stable fix, and the Co-Maintainer as I

Bug#349653: xmame: exploitable buffer overflows [CVE-2006-0176]

2006-04-05 Thread Steve Langasek
On Wed, Apr 05, 2006 at 11:00:16AM +0200, Moritz Muehlenhoff wrote: Steve Langasek wrote: This bug has been pending for more than two months and no fix in Debian yet... Does Bruno still track his bugs? Here are two patches for both Sarge and Sid versions. Pierre Riteau

Bug#349653: xmame: exploitable buffer overflows [CVE-2006-0176]

2006-04-05 Thread Moritz Muehlenhoff
Steve Langasek wrote: On Wed, Apr 05, 2006 at 11:00:16AM +0200, Moritz Muehlenhoff wrote: Steve Langasek wrote: This bug has been pending for more than two months and no fix in Debian yet... Does Bruno still track his bugs? Here are two patches for both Sarge and Sid

Bug#349653: xmame: exploitable buffer overflows [CVE-2006-0176]

2006-04-05 Thread Bruno Barrera C.
On Wed, 2006-04-05 at 11:22 +0200, Moritz Muehlenhoff wrote: Steve Langasek wrote: On Wed, Apr 05, 2006 at 11:00:16AM +0200, Moritz Muehlenhoff wrote: Steve Langasek wrote: This bug has been pending for more than two months and no fix in Debian yet... Does Bruno still

Bug#349653: xmame: exploitable buffer overflows [CVE-2006-0176]

2006-04-05 Thread Pierre Riteau
On Wed, Apr 05, 2006 at 11:00:16AM +0200, Moritz Muehlenhoff wrote: x11 isn't setuid at all. -sdl has a strong debconf warning, that setuid root is a risk (I guess it's used for DGA?) and the user can select it. Only svgalib is setuid root, but a system running svgalib apps in the year 2006 is

Bug#349653: xmame: exploitable buffer overflows [CVE-2006-0176]

2006-04-04 Thread Pierre Riteau
This bug has been pending for more than two months and no fix in Debian yet... Does Bruno still track his bugs? Here are two patches for both Sarge and Sid versions. Pierre Riteau (CC'ing [EMAIL PROTECTED] for the stable fix, and the Co-Maintainer as I don't know if he receives BTS replies)

Bug#349653: xmame: exploitable buffer overflows [CVE-2006-0176]

2006-01-24 Thread Martin Pitt
Package: xmame Version: 0.101-1 Severity: critical Tags: security Hi! A recent post on bugtraq [1] mentions several exploitable buffer overflows. According to the CVE page [2] this was fixed upstream on January 11. This becomes critical if xmame is installed suid root. Please mention the CVE

Bug#349653: xmame: exploitable buffer overflows [CVE-2006-0176]

2006-01-24 Thread Bruno Barrera C.
tags 349653 pending thanks On Tue, 2006-01-24 at 13:03 +0100, Martin Pitt wrote: Package: xmame Version: 0.101-1 Severity: critical Tags: security Hi! A recent post on bugtraq [1] mentions several exploitable buffer overflows. According to the CVE page [2] this was fixed upstream on