severity 627503 important
tag 627503 - security
retitle 627503 Validate Port directive value
thanks

A small summary of what's going on with this:

- The Debian security team does not consider this to be a security issue
  as tinyproxy's configuration file is under the control of the admin, and
  an exploit needs changing the Port value to something that can trigger a
  buffer overflow.

- This was fixed anyway in a Debian patch in 1.8.2-2, which is currently
  in testing and unstable.

- 1.8.3-1, recently uploaded to unstable, is the first upstream release to
  officially include this fix.

- We're uploading 1.8.2squeeze2 to stable so the fix appears in the next
  point release anyway, via the normal t-p-u path.

Thanks,
Jordi
-- 
Jordi Mallach Pérez  --  Debian developer     http://www.debian.org/
jo...@sindominio.net     jo...@debian.org     http://www.sindominio.net/
GnuPG public key information available at http://oskuro.net/
