Sorry about nagging, particularly since bug 248796 seems to suggest emacs21
needs hand-patching each release, but is there some reason version 21.3+1-9
isn't on alioth?
Thanks,
Robert.
Debian Security Advisory DSA 685-1 security@debian.org
http://www.debian.org/security/ Martin Schulze
February 17th, 2005 http://www.debian.org/security/faq
--------------------------------------------------------------------------
Package : emacs21
Vulnerability : format string
Problem-Type : remote
Debian-specific: no
CVE ID : CAN-2005-0100
Max Vozeler discovered several format string vulnerabilities in the
movemail utility of Emacs, the well-known editor. Via connecting to a
malicious POP server an attacker can execute arbitrary code under the
privileges of group mail.
For the stable distribution (woody) these problems have been fixed in
version 21.2-1woody3.
For the unstable distribution (sid) these problems have been fixed in
version
----
Robert King, Statistics, School of Mathematical & Physical Sciences,
University of Newcastle, Australia
Room V133 ph +61 2 4921 5548
Robert.King@newcastle.edu.au http://maths.newcastle.edu.au/~rking/
Sturgeon's law:
"Sure, 90% of science-fiction is crud. That's because 90% of everything
is crud."