On Wed, Jul 13, 2005 at 11:15:22PM +0200, Florian Weimer wrote:
> Patch to use the system zlib is attached. A compiled package is
> temporarily available from:
>
> http://static.enyo.de/fw/volatile/rageircd_2.0.0-3.1_i386.deb
>
> Unfortunately, I cannot test this package right now, and just
>
That patch wont work because rageircd/include/zlink.h includes
"zlib.h" (i.e. rageircd/zlib/zlib.h) and not (i.e. /usr/
include/zlib.h)
Re. GCC, the software has not been tested at all (by me) with GCC 4.
I don't even use GCC 3 (the environment it's developed on is Woody -
gcc 2)
On 13
* Alasdair McWilliam:
> That patch wont work because rageircd/include/zlink.h includes
> "zlib.h" (i.e. rageircd/zlib/zlib.h) and not (i.e. /usr/
> include/zlib.h)
"..." searches the system include paths as well, the difference to
<...> is that the current directory and the directory in which
* Alasdair McWilliam:
> The original 2.0.0 release does indeed include a vulnerable zlib
> verison.
Patch to use the system zlib is attached. A compiled package is
temporarily available from:
http://static.enyo.de/fw/volatile/rageircd_2.0.0-3.1_i386.deb
Unfortunately, I cannot test this pa
The original 2.0.0 release does indeed include a vulnerable zlib
verison.
However 2.0.1 (currently post-rc1) development has wound down and
will be released within a few days, and will be near enough the
current build/revision.
On 13 Jul 2005, at 13:26, Florian Weimer wrote:
retitle 309
retitle 309196 [CAN-2005-2096] Includes private copy of libz
thanks
This bug makes the package very likely vulnerable to CAN-2005-2096.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
6 matches
Mail list logo
