Bug#633870: CVE-2011-2684
Jonathan Wiltshire wrote:
> Dear maintainer,
>
> Recently you fixed one or more security problems and as a result you
> closed this bug. These problems were not serious enough for a Debian
> Security Advisory, so they are now on my radar for fixing in the following
> suites through point releases:
>
> lenny (5.0.9)
Hi Jonathan, and thanks for this mail,
as far as I can see, the foo2zjs version as shipped in Lenny (current
oldstable) is _not_ affected by this bug. I would appreciate a second
thought on that, though (take a look at the /usr/bin/getweb script in the
binary package).
Cheers,
OdyX
Reply to: