Uploaded slrn 0.9.7.2-6 (m68k) to erlangen
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Sat, 22 Sep 2001 11:23:35 -0400
Source: slrn
Binary: slrnpull slrn
Architecture: m68k
Version: 0.9.7.2-6
Distribution: unstable
Urgency: high
Maintainer: Debian/m68k Build Daemon <buildd@kullervo.biophys.uni-duesseldorf.de>
Changed-By: Joey Hess <joeyh@debian.org>
Description:
slrn - threaded news reader (fast for slow links)
slrnpull - pulls a small newsfeed from an NNTP server
Changes:
slrn (0.9.7.2-6) unstable; urgency=HIGH
.
* Upstream security fix; slrn's internal uudecoder auto-executes any
shell script in the archive (thinking it's a shar, presumably!). That
just doesn't fly in today's internet. Slrn in unstable is actually
probably not vulnerable, probably, since it is set up to use the
uudeview library for decoding. However, this is too critical a security
fix to omit.
Files:
8cf902e0efc589e20018a312172a6e49 288964 news optional slrn_0.9.7.2-6_m68k.deb
73c8f0a951fe173acc6d2f1125988bf4 87326 news optional slrnpull_0.9.7.2-6_m68k.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.4 (GNU/Linux)
Comment: Processed by Mailcrypt 3.5.5 and Gnu Privacy Guard <http://www.gnupg.org/>
iEYEARECAAYFAjuvE5wACgkQcS3JWD3FdvdOoACeLqdwQ19KOZ0ta8I3Bs02xgNd
Mf0An24YtlyhLQZcwQxSixWgiWD5cdd9
=FbVL
-----END PGP SIGNATURE-----
Reply to: