Re: Possible buffer overflows = security problem?

To: debian-security@lists.debian.org
Subject: Re: Possible buffer overflows = security problem?
From: Frank Lichtenheld <frank@lichtenheld.de>
Date: Sat, 6 Sep 2003 13:48:51 +0200
Message-id: <[🔎] 20030906114850.GA546@djpigpb>
In-reply-to: <[🔎] 20030905235203.GD6940@alcor.net>

Matt Zimmerman wrote:
> Only root has control over apt's packages lists and the dpkg status
> file, so
> I wouldn't be too concerned about this from a security standpoint.  It's
> still sloppy, and I would think twice before stepping forward to take
> over maintenance of such a program, rather than simply dropping it from the
> distribution.

Ok, so I will not prepare a security patch for the woody version...

I still like the original idea behind the program but the code is indeed
sloppy and outdated. I will probably ask for removal of the package from
sarge and prepare a new, rewritten version.

Thanks,
-- 
Frank Lichtenheld <frank@lichtenheld.de>
www: http://www.djpig.de/

Reply to:

References:
- Re: Possible buffer overflows = security problem?
  - From: Matt Zimmerman <mdz@debian.org>

Prev by Date: Re: Possible buffer overflows = security problem?
Next by Date: Prelude H-NIDS
Previous by thread: Re: Possible buffer overflows = security problem?
Next by thread: Re: Possible buffer overflows = security problem?
Index(es):
- Date
- Thread