[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: final report on all woody DSAs and sarge

Joey Hess <joeyh@debian.org> writes:

> [11 Jun 2003] DSA-316 nethack - buffer overflow, incorrect permissions
> 	{CAN-2003-0358 CAN-2003-0359}
> 	- nethack 3.4.1-1
> 	NOTE: DSA contains some strange non-nethack version numbers

We have a number of nathack variants sharing the same codebase which
all included the buffer overflow-bug (CAN-2003-0358). We have at least
nethack, jnethack, falconseye and slashem.

The advisories for each of these packages is:

  nethack    - DSA-316
  slashem    - DSA-316-2
  jnethack   - DSA-316-3
  falconseye - DSA-350

I have no idea why there wasn't filed individual advisories for each
package. Slashem is fixed in testing (0.0.6E4F8-6) and jnethack is
also fixed in testing (1.1.5-15) 

 Peter Makholm     |                                 Wisdom has two parts:
 peter@makholm.net |                           1) having a lot to say, and
 http://hacking.dk |                                      2) not saying it

Reply to: