Re: [SECURITY] [DSA 1422-1] New e2fsprogs packages fix arbitrary code execution

To: Juan Gallego <Little.Boss@physics.mcgill.ca>
Cc: debian-security@lists.debian.org
Subject: Re: [SECURITY] [DSA 1422-1] New e2fsprogs packages fix arbitrary code execution
From: Steve Kemp <skx@debian.org>
Date: Fri, 7 Dec 2007 15:45:59 +0000
Message-id: <[🔎] 20071207154559.GA17386@steve.org.uk>
In-reply-to: <[🔎] Pine.LNX.4.64.0712070945040.22285@uinen.physics.mcgill.ca>
References: <20071207132105.GA15762@steve.org.uk> <[🔎] Pine.LNX.4.64.0712070945040.22285@uinen.physics.mcgill.ca>

On Fri Dec 07, 2007 at 09:46:21 -0500, Juan Gallego wrote:

> | For the stable distribution (etch), this problem has been fixed in version
> | 1.39+1.40-WIP-2006.11.14+dfsg-2etch1.
> 
> | For the unstable distribution (sid), this problem will be fixed shortly.

> is sarge affected by this vulnerability? or has sarge been archived and i 
> missed the announcement?

  Sarge is affected, but I don't yet have a working patch for that.

  There should be an update shortly, but this is pretty low-risk and
 it seemed sensible to release now, rather than waiting.

Steve
--

Reply to:

References:
- Re: [SECURITY] [DSA 1422-1] New e2fsprogs packages fix arbitrary code execution
  - From: Juan Gallego <Little.Boss@physics.mcgill.ca>

Prev by Date: Re: [SECURITY] [DSA 1422-1] New e2fsprogs packages fix arbitrary code execution
Next by Date: Re: [SECURITY] [DSA 1422-1] New e2fsprogs packages fix arbitrary code execution
Previous by thread: Re: [SECURITY] [DSA 1422-1] New e2fsprogs packages fix arbitrary code execution
Next by thread: Re: [SECURITY] [DSA 1422-1] New e2fsprogs packages fix arbitrary code execution
Index(es):
- Date
- Thread