--On 07. Jänner 2009 00:22:18 +0100 Christian Hammers <c...@debian.org> wrote:
> Hello > > Stephen, I was pointed out the the patch on > > http://code.quagga.net/cgi-bin/gitweb.cgi?p=quagga.git;a=commitdiff;h=3d2 > 65b4d9d748bf4c92aefebc2ca0c04fd607945;hp=30a2231a4881f53deca61ef7a62b225a > 43dab4c5 > > It seems to work here and was signed-off by Paul Jakma. Can you confirm > that this patch is all (an no other patch has to be applied as well)? > > Hannes, you said something about security issues, did you mean in the > patch from the above mentioned URL? Why is one of the patches insecure? > > bye, > > -christian- > > Paul Jamka mentioned it in <http://lists.quagga.net/pipermail/quagga-dev/2008-August/005740.html> This mail references <http://rhn.redhat.com/errata/RHSA-2003-315.html> which in turn references <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0858> which in turn references DSA-415-1 (<http://www.debian.org/security/2004/dsa-415>) I have no idea whether this issue still applies. Yours Hannes -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
