Accepted gps 0.9.4-1woody1 (i386 source)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Sun, 25 May 2003 18:28:06 -0400
Source: gps
Binary: gps rgpsp
Architecture: source i386
Version: 0.9.4-1woody1
Distribution: stable-security
Urgency: high
Maintainer: Nicholas Flintham <nick@flinny.demon.co.uk>
Changed-By: Matt Zimmerman <mdz@debian.org>
Description:
gps - Graphical PS using GTK
rgpsp - Remote gPS poller
Changes:
gps (0.9.4-1woody1) stable-security; urgency=high
.
* Non-maintainer upload by the Security Team
* Backport security fixes from upstream 1.1.0:
- bug fix on rgpsp connection source acceptation policy
(it was allowing any host to connect even when the
/etc/rgpsp.conf file told otherwise)
It is working now, but on any real ("production")
network I suggest you use IP filtering to enforce
the policy (like ipchains or iptables)
- Several possibilities of buffer overflows have been
fixed. Thanks to Stanislav Ievlev from ALT-Linux for
pointing a lot of them.
- fixed misformatting of command line parameters in
rgpsp protocol (command lines with newlines would
break the protocol)
- fixed buffer overflow bug that caused rgpsp
to SIGSEGV when stating processes with large
command lines (>128 chars) [Linux only]
Files:
ad873738d3e2a9f75186cd27a5a788b2 614 admin optional gps_0.9.4-1woody1.dsc
9572af016e2a9ade433477e81133025c 151324 admin optional gps_0.9.4.orig.tar.gz
25f482ffd075549555e2d0b92fc9ca66 4972 admin optional gps_0.9.4-1woody1.diff.gz
6d9601d1a3a96ede03d9ddb69a740426 114238 admin optional gps_0.9.4-1woody1_i386.deb
0a69ed9ad920415f38541980bbbb26d6 23958 admin optional rgpsp_0.9.4-1woody1_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
iD8DBQE+0U4sArxCt0PiXR4RAjoPAKC4YGFYA1XdddimyUkIaBAUQUMNxACg1157
5uM+xKLNU4rBQKcT9nmgsK8=
=3Vvy
-----END PGP SIGNATURE-----
Accepted:
gps_0.9.4-1woody1.diff.gz
to pool/main/g/gps/gps_0.9.4-1woody1.diff.gz
gps_0.9.4-1woody1.dsc
to pool/main/g/gps/gps_0.9.4-1woody1.dsc
gps_0.9.4-1woody1_i386.deb
to pool/main/g/gps/gps_0.9.4-1woody1_i386.deb
rgpsp_0.9.4-1woody1_i386.deb
to pool/main/g/gps/rgpsp_0.9.4-1woody1_i386.deb
Reply to: