Re: Preparation of Debian GNU/Linux 2.2r4

To: debian-devel@lists.debian.org
Cc: joey@debian.org
Subject: Re: Preparation of Debian GNU/Linux 2.2r4
From: Damian M Gryski <dgryski@uwaterloo.ca>
Date: Sat, 13 Oct 2001 22:29:23 -0400
Message-id: <[🔎] 20011013222923.A18824@dmgware.dhs.org>
Mail-followup-to: debian-devel@lists.debian.org, joey@debian.org
Reply-to: Damian M Gryski <dgryski@uwaterloo.ca>
In-reply-to: <20011013123223.X18353@finlandia.infodrom.north.de>
References: <20011013123223.X18353@finlandia.infodrom.north.de>

On Sat, 13 Oct 2001, Martin Schulze wrote:
> xvt         stable    2.1-11      alpha, arm, i386, m68k, powerpc, sparc
> xvt         updates   2.1-13      i386
> 
> reject xvt_2.1-13_i386.changes
> 
> 	xvt (2.1-13) stable unstable; urgency=HIGH
> 	.
> 	  * Fix a yada bug which prevented the package building in some
> 	    situations.  Closes:Bug#102744.
> 	.
> 	xvt (2.1-12) unstable; urgency=HIGH
> 	.
> 	  * Fix a couple of buffer overflows which could result in a local
> 	    root compromise.  Thanks to Christophe Bailleux <cb@t-online.fr>
> 	    for finding them.
> 
> 	Alleged security fix.  No DSA.  All but i386 architectures
> 	missing.  And even worse the upload was meant for stable and
> 	unstable, which in turn will most likely render the upload
> 	useless for stable due to different libc versions.


   "Xvt 2.1 vulnerability"
      at
   http://www.securityfocus.com/archive/1/194473

   The advisory states the Debian Security Team was informed.

   Damian

-- 
Damian Gryski ==> dgryski@uwaterloo.ca | Linux, the choice of a GNU generation
512 pt Hacker Test score = 37%         | 500 pt Nerd Test score = 56% 
                   geek / linux zealot / coder / juggler

Reply to:

Prev by Date: Re: Keeping information on the build system
Next by Date: Re: squid cache
Previous by thread: Re: Preparation of Debian GNU/Linux 2.2r4
Next by thread: Re: Preparation of Debian GNU/Linux 2.2r4
Index(es):
- Date
- Thread