Re: Preparation of Debian GNU/Linux 3.0r2
On Tue, Sep 09, 2003 at 06:42:27PM +0200, Martin Schulze wrote:
> zlib-bin stable 1:1.1.4-1 alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
> zlib-bin updates 1:1.1.4-1.0woody0 alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
> zlib1-altdev stable 1:1.1.4-1 i386
> zlib1-altdev updates 1:1.1.4-1.0woody0 i386
> zlib1g-dev stable 1:1.1.4-1 alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
> zlib1g-dev updates 1:1.1.4-1.0woody0 alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
> zlib1g stable 1:1.1.4-1 alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
> zlib1g updates 1:1.1.4-1.0woody0 alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
> zlib1 stable 1:1.1.4-1 i386
> zlib1 updates 1:1.1.4-1.0woody0 i386
> zlib stable 1:1.1.4-1 source
> zlib updates 1:1.1.4-1.0woody0 source
>
> * Define HAS_vsnprintf in gzio.c in order to avoid buffer overflows
> (closes: #184763).
>
> * Remove user Emacs variables from changelog.
This fixes CAN-2003-0107 in the Mitre CVE. The code has been in
unstable for quite some time and should be safe for inclusion in stable
- a number of other distributions already fix this.
Reply to: