Re: Preparation of Debian GNU/Linux 2.2r4
On Sat, 13 Oct 2001, Martin Schulze wrote:
> xvt stable 2.1-11 alpha, arm, i386, m68k, powerpc, sparc
> xvt updates 2.1-13 i386
>
> reject xvt_2.1-13_i386.changes
>
> xvt (2.1-13) stable unstable; urgency=HIGH
> .
> * Fix a yada bug which prevented the package building in some
> situations. Closes:Bug#102744.
> .
> xvt (2.1-12) unstable; urgency=HIGH
> .
> * Fix a couple of buffer overflows which could result in a local
> root compromise. Thanks to Christophe Bailleux <cb@t-online.fr>
> for finding them.
>
> Alleged security fix. No DSA. All but i386 architectures
> missing. And even worse the upload was meant for stable and
> unstable, which in turn will most likely render the upload
> useless for stable due to different libc versions.
"Xvt 2.1 vulnerability"
at
http://www.securityfocus.com/archive/1/194473
The advisory states the Debian Security Team was informed.
Damian
--
Damian Gryski ==> dgryski@uwaterloo.ca | Linux, the choice of a GNU generation
512 pt Hacker Test score = 37% | 500 pt Nerd Test score = 56%
geek / linux zealot / coder / juggler
Reply to: