Re: traceroute root exploit
On Wed, Oct 11, 2000 at 07:57:00PM -0400, Adam McKenna wrote:
> A root exploit for traceroute that was verified to work on potato was posted
> to bugtraq almost a week ago, yet no security bulletin has been published and
> the update has not yet been released for potato. I've been told by a member
> of the security team that the update is sitting in proposed-updates, and has
> been for over a month. What is holding up this update?
For reference, I believe this is the seventh or eighth email on this
topic I've sent in several days, including a few to this list...
We are backlogged. I am busy with my classwork, as midterms approach,
but I'm trying to get advisories out as I can; Joey is unavailable;
Wichert and Michael Stone are both away for a few days, I think. We're
trying. Because I have said in several forums that the traceroute fix
was available, it was not high on my list of priorities. It will be
done soon.
Dan
/--------------------------------\ /--------------------------------\
| Daniel Jacobowitz |__| SCS Class of 2002 |
| Debian GNU/Linux Developer __ Carnegie Mellon University |
| dan@debian.org | | dmj+@andrew.cmu.edu |
\--------------------------------/ \--------------------------------/
Reply to: