On 03/01/2006 08:25 PM, Martin Schulze wrote: > Stefan Fritsch wrote: > >>Package: popfile >>Severity: grave >>Tags: security >> >>Cite: >>POPFile before 0.22.4 allows remote attackers to cause a denial of >>service (application crash) via unspecified vectors involving >>character sets within e-mail messages. >> >>see also >>http://popfile.sourceforge.net/cgi-bin/wiki.pl?ReleaseNotes/0.22.4 >> >>Please quote the CVE number in the Changelog > > > It seems that the relevant fix is what I'm attaching to this mail.
The patch looks good. I've already uploaded the new upstream version that fixes the problem to unstable. Can I do anything to assist the security team with the other upload? K.- -- Lucas Wall <[EMAIL PROTECTED]> .''`. Buenos Aires, Argentina : :ΓΈ : Debian GNU/Linux http://www.kadath.com.ar `. `' http://www.debian.org PGP: 1024D/84FB46D6 `- 5D25 528A 83AB 489B 356A http://people.debian.org/~lwall 4087 BC9B 4733 84FB 46D6 mailto:[EMAIL PROTECTED]
signature.asc
Description: OpenPGP digital signature
