Re: Bug#466539: gnome-peercast: CVE-2007-6454 heap-based buffer overflow possibly leading to code execution

To: Thijs Kinkhorst <thijs@debian.org>
Cc: 466539@bugs.debian.org, debian-qa@lists.debian.org
Subject: Re: Bug#466539: gnome-peercast: CVE-2007-6454 heap-based buffer overflow possibly leading to code execution
From: Romain Beauxis <toots@rastageeks.org>
Date: Tue, 19 Feb 2008 19:39:20 +0100
Message-id: <[🔎] 200802191939.20639.toots@rastageeks.org>
In-reply-to: <[🔎] 200802191408.49082.thijs@debian.org>
References: <20080219125743.8295.50508.reportbug@ras-macintosh> <[🔎] 200802191408.49082.thijs@debian.org>

Le Tuesday 19 February 2008 14:08:46 Thijs Kinkhorst, vous avez écrit :
> > As a side note, I've already done a lot of things to try to fix this,
> > but upstream seems not to care at all, and didn't maintain this package
> > for 1 year (last upload was my NMU)...
>
> So am I right to conclude that we'd better remove this package rather than
> to try and fix it?

Well, popcon is not zero, but unless maintainer is willing to support it (he 
is upstream too), then yes, that's my point too.


Romain

Reply to:

References:
- Re: Bug#466539: gnome-peercast: CVE-2007-6454 heap-based buffer overflow possibly leading to code execution
  - From: Thijs Kinkhorst <thijs@debian.org>

Prev by Date: Bug#466515: marked as done (PTS: "you should include .")
Next by Date: Re: mercury: should this package be removed?
Previous by thread: Re: Bug#466539: gnome-peercast: CVE-2007-6454 heap-based buffer overflow possibly leading to code execution
Next by thread: Re: mercury: should this package be removed?
Index(es):
- Date
- Thread