Uploaded realplayer 6.0alpha-4 (source i386) to master

To: debian-devel-changes@lists.debian.org
Subject: Uploaded realplayer 6.0alpha-4 (source i386) to master
From: joey@kitenet.net
Date: 2 Sep 1999 09:37:28 -0000
Message-id: <[🔎] 19990902093728.4576.qmail@kitenet.net>

-----BEGIN PGP SIGNED MESSAGE-----

Format: 1.6
Date: Thu,  2 Sep 1999 02:24:20 -0700
Source: realplayer
Binary: realplayer
Architecture: source i386
Version: 6.0alpha-4
Distribution: unstable
Urgency: high
Maintainer: Joey Hess <joeyh@master.debian.org>
Description: 
 realplayer - Real Player G2 (installer)
Changes: 
 realplayer (6.0alpha-4) unstable; urgency=HIGH
 .
   * Fixed symlink attack against postinst. Installation of arbitrary files
     into the filesystme, and probably overwriting of arbitrary files are
     possible if exploited.
   * I fixed the attack by requiring root drop the file into /root. I removed
     the permissions checking on the file, since it is now in a directory
     only root can write to.
Files: 
 72547815eadb0cc5d06f8a4e8aabc73c 526 contrib/net optional realplayer_6.0alpha-4.dsc
 face77339d78263735f9952fd0dd1986 6991 contrib/net optional realplayer_6.0alpha-4.tar.gz
 17872248a25fcf05cf870a07ca218a90 8122 contrib/net optional realplayer_6.0alpha-4_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: 2.6.3ia
Charset: noconv

iQB1AwUBN85ERS/XHRyCt9S9AQFD2AMAst+8wUkJGtV9/EHHNuHnKUtXvThiWfqU
sSo+2TukySOY73iE1vO4Cxw4JyRmIgouoipjvjnj1RA7AqlsgCJMYrXas38f/yMT
bqUqRf7CKPsmTI9MujxhBrBORvbFhLOT
=aQpe
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: Uploaded pvm 3.4.0-6 (powerpc) to master
Next by Date: Uploaded fakeroot 0.4.3-3 (sparc) to master
Previous by thread: Uploaded pvm 3.4.0-6 (powerpc) to master
Next by thread: Uploaded fakeroot 0.4.3-3 (sparc) to master
Index(es):
- Date
- Thread