-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Darren Salt escreveu:
> close 408090 0.5.8-2 thanks
>
> I demand that Alex de Oliveira Silva may or may not have written...
>
>
>> Multiple buffer overflows in the (1) main function in (a)
>> client.c, and the (2) server_setup and (3) server_client_connect
>> functions in (b) server.c in gxine 0.5.9 and earlier allow local
>> users to cause a denial of service (daemon crash) or gain
>> privileges via a long HOME environment variable. NOTE: some of
>> these details are obtained from third party information.
>
> This is already fixed in 0.5.8-2 (bug 405876); the only thing which
> isn't present is the CVE number.
>
>> Solution: Update to version gxine 0.5.10
>
> Not currently possible due to the freeze, hence 0.5.8-2...
>
OK, thanks for the note.
regards,
- --
.''`.
: :' : Alex de Oliveira Silva | enerv
`. `' www.enerv.net
`-
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFFtnVrarbczl+z12gRAl1DAJ0eLJBBAvC3cG6TxUka7IhkKxmFaACfWzWz
+COoiDi/8ZIEWxS1Pn9tANQ=
=BKJl
-----END PGP SIGNATURE-----
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
