Re: perl regex vulnerability - debian - pcre only?

2007-11-06 Thread Florian Weimer
> http://security-tracker.debian.net/tracker/CVE-2007-5116 > > is uninformative, but that is cve id that redhat and others are > referring to. I've added some more information, including a link to the upstream patch (whose essence applies cleanly to the versions in sarge and etch). As a side effe

Re: perl regex vulnerability - debian - pcre only?

2007-11-06 Thread paddy
On Tue, Nov 06, 2007 at 12:59:29PM +, Mike Astle wrote: > That don't look so good: > > > > "[...] discovered a flaw in Perl's regular > expression engine. Specially crafted input to a regular expression can > cause Perl to improperly allocate memory, resulting in the possible > execution

Re: How to verify debian packages?

2007-11-06 Thread Marcin Owsiany
On Tue, Nov 06, 2007 at 06:04:40AM -0800, peterer wrote: > > When I manually download debian packages (from > http://www.debian.org/distrib/packages), how can I verify that they have not > been tampered with? Individual packages are not signed, so you would basically need to manually repeat the p

How to verify debian packages?

2007-11-06 Thread peterer
Hello, When I manually download debian packages (from http://www.debian.org/distrib/packages), how can I verify that they have not been tampered with? I cannot use apt since these packages I need are not available in my (ubuntu) repository. Regards, Lotharster