[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Preparation of Debian GNU/Linux 3.0r2

On Tue, Sep 09, 2003 at 06:42:27PM +0200, Martin Schulze wrote:

> zlib-bin      stable    1:1.1.4-1          alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
> zlib-bin      updates   1:1.1.4-1.0woody0  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
> zlib1-altdev  stable    1:1.1.4-1          i386
> zlib1-altdev  updates   1:1.1.4-1.0woody0  i386
> zlib1g-dev    stable    1:1.1.4-1          alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
> zlib1g-dev    updates   1:1.1.4-1.0woody0  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
> zlib1g        stable    1:1.1.4-1          alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
> zlib1g        updates   1:1.1.4-1.0woody0  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
> zlib1         stable    1:1.1.4-1          i386
> zlib1         updates   1:1.1.4-1.0woody0  i386
> zlib          stable    1:1.1.4-1          source
> zlib          updates   1:1.1.4-1.0woody0  source
> 
> 	* Define HAS_vsnprintf in gzio.c in order to avoid buffer overflows
> 	  (closes: #184763).
> 
> 	* Remove user Emacs variables from changelog.

This fixes CAN-2003-0107 in the Mitre CVE.  The code has been in
unstable for quite some time and should be safe for inclusion in stable
- a number of other distributions already fix this.
Reply to: