On Thu, Feb 12, 2004 at 12:39:42PM +0100, Tobias Burnus wrote: > Package: xfree86 > Severity: serious > > See > http://www.idefense.com/application/poi/display?id=72&type=vulnerabilities&flashstatus=false > and existing exploit in > http://www.securityfocus.com/archive/1/353493/2004-02-09/2004-02-15/0 > > the patch is available from > ftp://ftp.xfree86.org/pub/XFree86/4.3.0/fixes/fontfile.diff Thanks for the report. FYI, I have been in touch with the Debian Security Team and folks from other distribution vendors for several days now regarding this issue. -- G. Branden Robinson | I'm not going to waste my precious Debian GNU/Linux | flash memory with Perl when I can branden@debian.org | do so much more with it. http://people.debian.org/~branden/ | -- Joey Hess
Attachment:
signature.asc
Description: Digital signature