Re: [SECURITY] [DSA 2078-1] New mapserver packages fix arbitrary code execution

To: debian-security@lists.debian.org
Subject: Re: [SECURITY] [DSA 2078-1] New mapserver packages fix arbitrary code execution
From: Moritz Muehlenhoff <jmm@inutil.org>
Date: Sat, 31 Jul 2010 18:51:09 -0400
Message-id: <[🔎] slrni59a6t.2u2.jmm@inutil.org>
References: <20100731164320.GA15881@ngolde.de> <[🔎] 20100731165247.GE19609@ngolde.de>

On 2010-07-31, Nico Golde <nion@debian.org> wrote:
>
> --wTWi5aaYRw9ix9vO
> Content-Type: text/plain; charset=us-ascii
> Content-Disposition: inline
> Content-Transfer-Encoding: quoted-printable
>
> Hi,
> * Nico Golde <nion@debian.org> [2010-07-31 18:48]:
>> --------------------------------------------------------------------------
>> Debian Security Advisory DSA-2078-1                    security@debian.org
>
> Meh race condition. Moritz isn't dak checking the DSA number we supply to g=
> it?=20
> If we both used DSA-2078-1 it should've detected this as a problem.

It should technically catch the duplicated ID. 

However, I used "dak new-security-install DSA-2078 kvirc*changes" as agreed 
a few years ago. 

Cheers,
        Moritz

Reply to:

References:
- Re: [SECURITY] [DSA 2078-1] New mapserver packages fix arbitrary code execution
  - From: Nico Golde <nion@debian.org>

Prev by Date: Re: [SECURITY] [DSA 2078-1] New mapserver packages fix arbitrary code execution
Previous by thread: Re: [SECURITY] [DSA 2078-1] New mapserver packages fix arbitrary code execution
Index(es):
- Date
- Thread