Re: Possible buffer overflows = security problem?
Matt Zimmerman wrote:
> Only root has control over apt's packages lists and the dpkg status
> file, so
> I wouldn't be too concerned about this from a security standpoint. It's
> still sloppy, and I would think twice before stepping forward to take
> over maintenance of such a program, rather than simply dropping it from the
> distribution.
Ok, so I will not prepare a security patch for the woody version...
I still like the original idea behind the program but the code is indeed
sloppy and outdated. I will probably ask for removal of the package from
sarge and prepare a new, rewritten version.
Thanks,
--
Frank Lichtenheld <frank@lichtenheld.de>
www: http://www.djpig.de/
Reply to: