[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [SECURITY] [DSA-2158-1] cgiirc security update

On Wed, Feb 23, 2011 at 10:12:08AM +0100, Philipp Kern wrote:

> why wasn't this fixed (e.g. through an NMU) in unstable, too?  The
> announcement doesn't even mention unstable albeit it's the same version.

We currently seem to have a slightly better protection for the unstable
package; it doesn't work at all (at least for me).

*** An error occurred: Program ending: Bad arg length for Socket::inet_ntoa,
length is 0, should be 4 at /usr/lib/cgi-bin/cgiirc/nph-irc.cgi line 673,
<IP> line 7.

I'm not sure if that might be IPv6 related.

There's some upstream activity so it would be nice to know if des@d.o is
already known to be MIA before pushing this for removal or orphan the package.

And I don't know much, but I do know this:
With a golden heart comes a rebel fist.
     [ Streetlight Manifesto - Here's To Life ]

Reply to: