Re: Woody release - WHAT is current status

To: debian-devel@lists.debian.org
Subject: Re: Woody release - WHAT is current status
From: Michael Stone <mstone@debian.org>
Date: Thu, 6 Jun 2002 16:32:33 -0400
Message-id: <[🔎] 20020606163233.B13378@justice.loyola.edu>
Mail-followup-to: debian-devel@lists.debian.org
In-reply-to: <[🔎] 40639188-7988-11D6-BBC7-0003937562B8@where2getit.com>; from pbaker@where2getit.com on Thu, Jun 06, 2002 at 03:01:55PM -0500
References: <[🔎] 20020606194744.GB13324@lina.inka.de> <[🔎] 40639188-7988-11D6-BBC7-0003937562B8@where2getit.com>

On Thu, Jun 06, 2002 at 03:01:55PM -0500, Paul Baker wrote:
> > Users of the not-yet-released woody distribution should ensure that they
> > are running ethereal 0.9.4-1 or a later version.
> 
> The advisory also says in the first sentence, "Ethereal versions prior 
> to 0.9.3 were vulnerable to an allocation error
> in the ASN.1 parser." Does that not mean that woody's 0.9.3-1 is not 
> vulnerable?

No. There were two problems mentioned. One affected potato's package,
and the other did not (because it affected code that was introduced
after potato's version.) 0.9.3 was the fix for the first problem and
0.9.4 was the fix for the second. 

-- 
Mike Stone

Attachment: pgptX1WSWmrSk.pgp
Description: PGP signature

Reply to:

References:
- Re: Woody release - WHAT is current status
  - From: Bernd Eckenfels <lists@lina.inka.de>
- Re: Woody release - WHAT is current status
  - From: Paul Baker <pbaker@where2getit.com>

Prev by Date: LO MEJOR PARA SU IMPRESORA
Next by Date: Re: Strange dpkg problem with latest doc-linux-html upgrade
Previous by thread: Re: Woody release - WHAT is current status
Next by thread: critical: german cover page on www.d.o out of date (security)
Index(es):
- Date
- Thread