Re: [SECURITY] [DSA 431-1] New perl packages fix information leak in suidperl

To: debian-security@lists.debian.org
Subject: Re: [SECURITY] [DSA 431-1] New perl packages fix information leak in suidperl
From: Arthur de Jong <adejong@debian.org>
Date: Sun, 1 Feb 2004 12:18:07 +0100 (CET)
Message-id: <[🔎] Pine.LNX.4.44.0402011204140.3018-100000@bobo.thuis.net>
In-reply-to: <20040201091318.GT1738@alcor.net>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


> - --------------------------------------------------------------------------
> Debian Security Advisory DSA 431-1                     security@debian.org
> http://www.debian.org/security/                             Matt Zimmerman
> February 1st, 2004                      http://www.debian.org/security/faq
> - --------------------------------------------------------------------------

I don't mean to be paranoid but this advisory is dated February 1st, 2004
but the new changelog entries are both dated 11 Sep 2003 and the deb file
for i386 I got has a timestamp of Sep 12. Furthermore judging from
timestamps on [1] other architectures seem to have similar build dates.

Did it really take that long to coordinate this DSA or do all build
daemons have a problem with their clocks? Not that it really matters for
this DSA as it is a minor problem that should not affect that many people,
just being curious.

[1] http://security.debian.org/pool/updates/main/p/perl/

- -- arthur - adejong@debian.org - http://people.debian.org/~adejong --

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iD8DBQFAHOB3VYan35+NCKcRAlMrAJ46XEawS3xHCXTNeWYr9dWLaP6YEgCg2T+v
zm6l6eg4IXsRB3HtjVNEC+g=
=Iu+l
-----END PGP SIGNATURE-----

Reply to:

Follow-Ups:
- Re: [SECURITY] [DSA 431-1] New perl packages fix information leak in suidperl
  - From: Matt Zimmerman <mdz@debian.org>

Next by Date: Query NS <Root>
Next by thread: Re: [SECURITY] [DSA 431-1] New perl packages fix information leak in suidperl
Index(es):
- Date
- Thread