Hi On Sun, Oct 29, 2006 at 07:51:20AM -0800, Kees Cook wrote: > On Sun, Oct 29, 2006 at 10:23:04AM +0100, Ola Lundqvist wrote: > > Thanks for letting me know, but this was actually fixed in the > > Debian package before the fixed realvnc was released, and before a CVE > > number was assigned to the issue (if I remember correctly). The > > fix in Debian is slightly different, but correct the same issue. > > As that fix is the only fix that the upstream version 4.1.2 version > > change from 4.1.1, I have decided to not go up to that version. > > Ah! Whoops, apologies for the noise. Given the earlier CVE on a
No problem. > related issue, I couldn't tell from the changelog which had been fixed, It would have been nice if the changelog contained the CVE, but that CVE was not assigned when the fixed package was uploaded. :) > and figured it was better to open a bug. :) Fully agree. > Thanks for checking into this and pointing out the patch. No problem. Regards, // Ola > -- > Kees Cook @outflux.net > -- --- Ola Lundqvist systemkonsult --- M Sc in IT Engineering ---- / [EMAIL PROTECTED] Annebergsslingan 37 \ | [EMAIL PROTECTED] 654 65 KARLSTAD | | http://opalsys.net/ Mobile: +46 (0)70-332 1551 | \ gpg/f.p.: 7090 A92B 18FE 7994 0C36 4FE4 18A1 B1CF 0FE5 3DD9 / --------------------------------------------------------------- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
