traceroute root exploit

To: debian-devel@lists.debian.org
Cc: security@debian.org
Subject: traceroute root exploit
From: Adam McKenna <adam-debian@flounder.net>
Date: Wed, 11 Oct 2000 19:57:00 -0400
Message-id: <20001011195700.P16709@flounder.net>
Mail-followup-to: debian-devel@lists.debian.org, security@debian.org

A root exploit for traceroute that was verified to work on potato was posted
to bugtraq almost a week ago, yet no security bulletin has been published and
the update has not yet been released for potato.  I've been told by a member
of the security team that the update is sitting in proposed-updates, and has
been for over a month.  What is holding up this update?

Thanks,

--Adam

-- 
Adam McKenna <adam-sig@flounder.net> | "No matter how much it changes, 
http://flounder.net/publickey.html   |  technology's just a bunch of wires 
GPG: 17A4 11F7 5E7E C2E7 08AA        |  connected to a bunch of other wires."
     38B0 05D0 8BF7 2C6D 110A        |  Joe Rogan, _NewsRadio_
  7:53pm  up 123 days, 17:09, 11 users,  load average: 0.04, 0.03, 0.01

Reply to:

Follow-Ups:
- Re: traceroute root exploit
  - From: Daniel Jacobowitz <dan@debian.org>

Prev by Date: Re: What is a Kernel?
Next by Date: Re: Bug Tags
Previous by thread: Re: bugreport: libdbd-mysql-perl & libmysqlclient9
Next by thread: Re: traceroute root exploit
Index(es):
- Date
- Thread