Uploaded slrn 0.9.7.2-6 (sparc) to ftp-master
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Sat, 22 Sep 2001 11:23:35 -0400
Source: slrn
Binary: slrnpull slrn
Architecture: sparc
Version: 0.9.7.2-6
Distribution: unstable
Urgency: high
Maintainer: Debian/sparc Build Daemon <buildd@sparc.debian.org>
Changed-By: Joey Hess <joeyh@debian.org>
Description:
slrn - threaded news reader (fast for slow links)
slrnpull - pulls a small newsfeed from an NNTP server
Changes:
slrn (0.9.7.2-6) unstable; urgency=HIGH
.
* Upstream security fix; slrn's internal uudecoder auto-executes any
shell script in the archive (thinking it's a shar, presumably!). That
just doesn't fly in today's internet. Slrn in unstable is actually
probably not vulnerable, probably, since it is set up to use the
uudeview library for decoding. However, this is too critical a security
fix to omit.
Files:
2547aac96fa490f1260b6d13e47d131f 315952 news optional slrn_0.9.7.2-6_sparc.deb
de2ef21864cf1eb1fbc5a80836186f53 92470 news optional slrnpull_0.9.7.2-6_sparc.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: Processed by Mailcrypt 3.5.6 and Gnu Privacy Guard <http://www.gnupg.org/>
iEYEARECAAYFAjuuEK8ACgkQgD/uEicUG7AmGQCggIYa1dgVF5+o3Ky6Y+S1pt1N
KZgAoLZvdizKvU75YPTnxjGJ4I1CtD41
=KrEC
-----END PGP SIGNATURE-----
Reply to: