[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#659149: CVE-2012-0839: Hash collision DoS



On Thu, Jan 17, 2013 at 07:29:25PM +0100, Stéphane Glondu wrote:
> Le 17/01/2013 12:42, Jonathan Wiltshire a écrit :
> > Recently you fixed one or more security problems and as a result you closed
> > this bug. These problems were not serious enough for a Debian Security
> > Advisory, so they are now on my radar for fixing in the following suites
> > through point releases: [...]
> 
> Unfortunately, this "fix" is part of a new major release and cannot be
> backported as it is. It doesn't look worth the trouble to design a new
> fix for squeeze and wheezy.

Thanks, noted.


-- 
Jonathan Wiltshire                                      jmw@debian.org
Debian Developer                         http://people.debian.org/~jmw

4096R: 0xD3524C51 / 0A55 B7C5 1223 3942 86EC  74C3 5394 479D D352 4C51

<directhex> i have six years of solaris sysadmin experience, from
            8->10. i am well qualified to say it is made from bonghits
			layered on top of bonghits

Attachment: signature.asc
Description: Digital signature


Reply to: