Re: Screen in woody vulnerable to CAN-2003-0972 ?
Fr?d?ric Bothamy (frederic.bothamy@free.fr) said:
> I would like to know if the package screen in woody (version 3.9.11-5)
> is vulnerable to CAN-2003-0972 (I did not find anything related in the
> changelog) and if so, if there is any work by the Security Team for
> fixing this (or if they need to be told about this).
It's a group utmp compromise on Debian.
See http://bugs.debian.org/222385 and
http://pkg-screen.alioth.debian.org/woody-security/ for a patched
package.
The security team is aware of this, AFAIK they're waiting on the
autobuilders.
--
Adam Lazur, Cluster Monkey
Reply to: