Tobias Klauser wrote:
> Attached is the patch against cscope-15.5-1.1sarge1. It was taken from
> upstream CVS according to the changelog [1] and adapted to this version.
Thanks, update is building now.
Cheers,
Moritz
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsu
On 2006-09-10 at 14:53:03 +0200, Moritz Muehlenhoff <[EMAIL PROTECTED]> wrote:
> Tobias Klauser wrote:
> > Thanks for your report.
> >
> > These vulnerabilities are fixed by the upload of 15.5+cvs20060902-1
> > (which is a CVS snapshot incorporating them). Obviously I was not
> > inspecting the up
Processing commands for [EMAIL PROTECTED]:
> package cscope
Ignoring bugs not assigned to: cscope
> found 385893 15.5+cvs20050816-2
Bug#385893: CVE-2006-4262: Cscope Buffer Overflow Vulnerabilities
Bug marked as found in version 15.5+cvs20050816-2.
> found 385893 15.5-1.1sarge1
Bug#38
package cscope
found 385893 15.5+cvs20050816-2
found 385893 15.5-1.1sarge1
close 385893 15.5+cvs20060902-1
thanks
> These vulnerabilities are fixed by the upload of 15.5+cvs20060902-1
> (which is a CVS snapshot incorporating them). Obviously I was not
> inspecting the upstream changelog good enoug
Thanks for your report.
These vulnerabilities are fixed by the upload of 15.5+cvs20060902-1
(which is a CVS snapshot incorporating them). Obviously I was not
inspecting the upstream changelog good enough so this was not not
mentioned in the changelog. Sorry!
WRT to cscope in stable I can prepare
Package: cscope
Severity: grave
Tags: security patch
Justification: user security hole
Some vulnerabilities have been found in cscope:
Multiple buffer overflows in cscope 15.5 and earlier allow
user-assisted attackers to cause a denial of service (crash) and
possibly execute arbitrary code via m
6 matches
Mail list logo
