This bug was fixed in the package sympa - 5.3.4-2ubuntu2
---------------
sympa (5.3.4-2ubuntu2) hardy; urgency=low
* SECURITY UPDATE: (LP: #216591)
+ fixed src/PlainDigest.pm inline
- Sympa before 5.4 allows remote attackers to cause a denial of
service (daemon crash) via an e-mail message with a malformed
value of the Content-Type header and unspecified other headers.
NOTE: some of these details are obtained from third party
information.
* References
+ http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2008-1648
+ http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=475163
-- Emanuele Gentili <[EMAIL PROTECTED]> Mon, 14 Apr 2008
08:44:38 +0200
** Changed in: sympa (Ubuntu Hardy)
Status: In Progress => Fix Released
--
[CVE-2008-1648] denial of service via crafted Content-Type header
https://bugs.launchpad.net/bugs/216591
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
