On Thu, Jun 06, 2002 at 03:01:55PM -0500, Paul Baker wrote: > > Users of the not-yet-released woody distribution should ensure that they > > are running ethereal 0.9.4-1 or a later version. > > The advisory also says in the first sentence, "Ethereal versions prior > to 0.9.3 were vulnerable to an allocation error > in the ASN.1 parser." Does that not mean that woody's 0.9.3-1 is not > vulnerable? No. There were two problems mentioned. One affected potato's package, and the other did not (because it affected code that was introduced after potato's version.) 0.9.3 was the fix for the first problem and 0.9.4 was the fix for the second. -- Mike Stone
Attachment:
pgptX1WSWmrSk.pgp
Description: PGP signature