Re: Screen in woody vulnerable to CAN-2003-0972 ?

To: Fr?d?ric Bothamy <frederic.bothamy@free.fr>, debian-security@lists.debian.org
Subject: Re: Screen in woody vulnerable to CAN-2003-0972 ?
From: Adam Lazur <zal@debian.org>
Date: Tue, 30 Dec 2003 09:48:32 -0500
Message-id: <[🔎] 20031230144832.GG21379@ninjak.clustermonkey.org>
Mail-followup-to: Fr?d?ric Bothamy <frederic.bothamy@free.fr>, debian-security@lists.debian.org
In-reply-to: <[🔎] 20031230132818.GC7322@athena.olympe.fr>
References: <[🔎] 20031230132818.GC7322@athena.olympe.fr>

Fr?d?ric Bothamy (frederic.bothamy@free.fr) said:
> I would like to know if the package screen in woody (version 3.9.11-5)
> is vulnerable to CAN-2003-0972 (I did not find anything related in the
> changelog) and if so, if there is any work by the Security Team for
> fixing this (or if they need to be told about this).

It's a group utmp compromise on Debian.

See http://bugs.debian.org/222385 and
http://pkg-screen.alioth.debian.org/woody-security/ for a patched
package.

The security team is aware of this, AFAIK they're waiting on the
autobuilders.

-- 
Adam Lazur, Cluster Monkey

Reply to:

References:
- Screen in woody vulnerable to CAN-2003-0972 ?
  - From: Frédéric Bothamy <frederic.bothamy@free.fr>

Prev by Date: Re: Screen in woody vulnerable to CAN-2003-0972 ?
Next by Date: Need recomendations for https proxy that serves as a firewall proxy
Previous by thread: Re: Screen in woody vulnerable to CAN-2003-0972 ?
Next by thread: Need recomendations for https proxy that serves as a firewall proxy
Index(es):
- Date
- Thread