Re: emacs21 version 21.3+1-9

[Javier Kohen <jkohen@users.sourceforge.net>]

Hi Robert,

Emacs21-21.3+1-9 is indeed part of Debian AMD64, at least on the gcc-3.4 
archive.

Cheers,

Robert King wrote:
> Sorry about nagging, particularly since bug 248796 seems to suggest emacs21 
> needs hand-patching each release, but is there some reason version  21.3+1-9 
> isn't on alioth?
>
> Thanks,
> Robert.
>
> Debian Security Advisory DSA 685-1                     security@debian.org
> http://www.debian.org/security/                             Martin Schulze
> February 17th, 2005                     http://www.debian.org/security/faq
> --------------------------------------------------------------------------
>
> Package        : emacs21
> Vulnerability  : format string
> Problem-Type   : remote
> Debian-specific: no
> CVE ID         : CAN-2005-0100
>
> Max Vozeler discovered several format string vulnerabilities in the
> movemail utility of Emacs, the well-known editor.  Via connecting to a
> malicious POP server an attacker can execute arbitrary code under the
> privileges of group mail.
>
> For the stable distribution (woody) these problems have been fixed in
> version 21.2-1woody3.
>
> For the unstable distribution (sid) these problems have been fixed in
> version 
>
>   
> ----
> Robert King, Statistics, School of Mathematical & Physical Sciences,
> University of Newcastle, Australia
> Room V133  ph +61 2 4921 5548
> Robert.King@newcastle.edu.au   http://maths.newcastle.edu.au/~rking/
>
> Sturgeon's law:
>  
> "Sure, 90% of science-fiction is crud.  That's because 90% of everything
> is crud."


--
Javier Kohen <jkohen@users.sourceforge.net>
ICQ: blashyrkh #2361802
Jabber: jkohen@jabber.org