Bug#506942: Buffer overflow exploit in versions until 2.1.8

2008-11-26 Thread martin f krafft
Package: no-ip Version: 2.1.1-4 Severity: critical Tags: security, fixed-upstream I just received the attached message from No-IP.com. This affects stable and testing. -- System Information: Debian Release: lenny/sid APT prefers unstable APT policy: (500, 'unstable'), (500, 'testing'), (1,

Bug#506942: Buffer overflow exploit in versions until 2.1.8

2008-11-26 Thread Adam D. Barratt
On Wed, 26 Nov 2008 09:50:16 +0100, martin f krafft wrote: Package: no-ip Version: 2.1.1-4 Severity: critical Tags: security, fixed-upstream I just received the attached message from No-IP.com. This affects stable and testing. This sounds like #506179, which was fixed in Debian in 2.1.7-11 a

Processed (with 1 errors): Re: Bug#506942: Buffer overflow exploit in versions until 2.1.8

2008-11-26 Thread Debian Bug Tracking System
Processing commands for [EMAIL PROTECTED]: severity 506942 grave Bug#506942: Buffer overflow exploit in versions until 2.1.8 Severity set to `grave' from `critical' merge 506942 506179 Bug#506179: no-ip: remote code execution vulnerability Bug#506942: Buffer overflow exploit in versions until

Bug#506942: Buffer overflow exploit in versions until 2.1.8

2008-11-26 Thread Steffen Joeris
Hi Martin I just received the attached message from No-IP.com. This affects stable and testing. I might be tired, but where does this differ from #506179, which is fixed in unstable? Cheers Steffen signature.asc Description: This is a digitally signed message part.

Bug#506942: Buffer overflow exploit in versions until 2.1.8

2008-11-26 Thread Avi Rozen
Package: no-ip Version: 2.1.1-4 Tags: patch Attached is a patch against noip2.c from the 2.1.1-4 source package in stable, based on the fixes made in 2.1.7-11 from unstable. Please note: I can build the package, but I have not tested the patched client (it should work...) Cheers, Avi ---