[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [SECURITY] [DSA 1422-1] New e2fsprogs packages fix arbitrary code execution

Juan Gallego wrote:
> is sarge affected by this vulnerability? or has sarge been archived and i 
> missed the announcement?

The main attack vector - pygrub/xen - doesn't exist in Sarge. The other attacks
are more or less theoretical and hardly justify modifications to an important
core package like this.


Reply to: