Bug#548358: libxerces2-java: CVE-2009-2625 infinite loop denial of service in libxerces2-java

2009-09-25 Thread Joe Malicki
Package: libxerces2-java
Version: 2.9.1-2
Severity: normal

Discussed here: http://mail-archives.apache.org/mod_mbox/xerces-j-users/200908.mbox/thread

Michael Glavassevich claims this is fixed in Xerces Java subversion here: http://marc.info/?l=xerces-cvs&m=124569778024398&w=2

-- System Informat

Bug#366067: fakeroot doesn't work with statically linked binaries

2008-10-03 Thread Joe Malicki
- "Clint Adams" <[EMAIL PROTECTED]> wrote:
> On Fri, Oct 03, 2008 at 07:11:08PM -0400, Joe Malicki wrote:
> > faked.diff was thoroughly tested. When I posted I noticed that it
> didn't cover
> > all of the cases and added faked-link.diff, and meant to m

Bug#366067: fakeroot doesn't work with statically linked binaries

2008-10-03 Thread Joe Malicki
Ugh, should never have posted faked-link.diff without trying it, it's completely busted. Respinning and fixing. faked.diff is well tested. - "Clint Adams" <[EMAIL PROTECTED]> wrote: > On Fri, Oct 03, 2008 at 06:22:44PM -0400, Joe Malicki wrote: > > +if

Bug#366067: fakeroot doesn't work with statically linked binaries

2008-10-03 Thread Joe Malicki
t now, with the {). - "Clint Adams" <[EMAIL PROTECTED]> wrote: > On Fri, Oct 03, 2008 at 06:22:44PM -0400, Joe Malicki wrote: > > +if ((buf->st.mode&S_IFMT) != (st->mode&S_IFMT) && > > +((buf->st.mode&

Bug#366067: fakeroot doesn't work with statically linked binaries

2008-10-03 Thread Joe Malicki
> The first patch (faked-link.diff) fixes it in all cases except when
> the *new* inode type is a regular file.
> The second fixes it for more cases, wherever this sort of scheme is
> possible (i.e. everywhere but inodes that are
> regular files in our database but device nodes on disk).
> Patch

Bug#366067: fakeroot doesn't work with statically linked binaries

2008-10-03 Thread Joe Malicki
- "Joe Malicki" <[EMAIL PROTECTED]> wrote:
> We've root caused this bug being related to statically linked binaries
> (usually ldconfig) which don't let fakeroot intercept their syscalls.
>
> When ldconfig is run and modifies /etc/ld.so.cache, i

Bug#366067: fakeroot doesn't work with statically linked binaries

2008-10-03 Thread Joe Malicki
We've root caused this bug being related to statically linked binaries (usually ldconfig) which don't let fakeroot intercept their syscalls. When ldconfig is run and modifies /etc/ld.so.cache, it creates a new file and replaces it. However, the old ld.so.cache never gets purged from the fakeroo

Bug#490217: python-dns vulnerable to CVE-2008-1447 DNS source port guessable

2008-07-10 Thread Joe Malicki
Package: python-dns
Version: 2.3.0-5.1
Severity: grave
Tags: security
Justification: user security hole

CVE-2008-1447, which deals with DNS reply poisoning that is possible due to DNS clients sending DNS requests on predictable UDP source ports, is a security issue that also applies to python-dns,