Am 23.02.2011 14:56, schrieb Michael Biebl: > Am 23.02.2011 14:23, schrieb Alexander Kurtz: >> Am Mittwoch, den 23.02.2011, 13:58 +0100 schrieb Michael Biebl: >>> I was able to reproduce this problem on a squeeze system, but not on >>> unstable. >>> >>> Can you confirm that? >> >> Negative, I tried upgrading avahi-daemon and libavahi-* to the sid >> versions (0.6.28-3) but the problem is still there. >> >> However, I haven't tried a complete upgrade to sid, so the problem may >> very well be in some third-party package which is fixed in sid. > > As it turns out, this issue is already known: > > http://avahi.org/ticket/325 > https://bugzilla.redhat.com/show_bug.cgi?id=607297 > https://bugzilla.redhat.com/show_bug.cgi?id=667187 > CVE-2011-1002 > > The fix is available at > http://git.0pointer.de/?p=avahi.git;a=commit;h=46109dfec75534fe270c0ab902576f685d5ab3a6 > > I could successfully verify that this patch fixes the problem I could > reproduce.
A fixed package has been uploaded to unstable and stable-security (squeeze). Thanks for the bug report. Michael -- Why is it that all of the instruments seeking intelligent life in the universe are pointed away from Earth?
signature.asc
Description: OpenPGP digital signature
