Bug#659899: CVE-2011-0790: XSS

2013-03-04 Thread Salvatore Bonaccorso
Hi all

On Mon, Feb 27, 2012 at 08:27:05PM +0100, Florian Weimer wrote:
> * Antoine Beaupré:
>
> > I don't actually know - I followed your lead and used that patch in the
> > bugzilla Redhat bugtrackers:
> >
> > https://bugzilla.redhat.com/attachment.cgi?id=556619&action=diff&context=patch&collaps

Bug#659899: CVE-2011-0790: XSS

2012-04-01 Thread Antoine Beaupré
On Mon, 27 Feb 2012 20:27:05 +0100, Florian Weimer wrote:
> * Antoine Beaupré:
>
> > I don't actually know - I followed your lead and used that patch in the
> > bugzilla Redhat bugtrackers:
> >
> > https://bugzilla.redhat.com/attachment.cgi?id=556619&action=diff&context=patch&collapsed=&headers=1

Bug#659899: CVE-2011-0790: XSS

2012-02-27 Thread Florian Weimer
* Antoine Beaupré:
> I don't actually know - I followed your lead and used that patch in the
> bugzilla Redhat bugtrackers:
>
> https://bugzilla.redhat.com/attachment.cgi?id=556619&action=diff&context=patch&collapsed=&headers=1&format=raw

*grml* Fedora has already released the potentially incorr

Bug#659899: CVE-2011-0790: XSS

2012-02-27 Thread Florian Weimer
* Antoine Beaupré:
> I don't actually know - I followed your lead and used that patch in the
> bugzilla Redhat bugtrackers:
>
> https://bugzilla.redhat.com/attachment.cgi?id=556619&action=diff&context=patch&collapsed=&headers=1&format=raw

Okay, I'm notifying folks that this patch is probably not

Bug#659899: CVE-2011-0790: XSS

2012-02-27 Thread Antoine Beaupré
On Mon, 27 Feb 2012 20:12:08 +0100, Florian Weimer wrote:
> * Antoine Beaupré:
>
> > > ++ $h =~ s/[<>&%]/./g;
> > > ++$step =~ s/[<>&%]/./g;
> > > ++$mode =~ s/[<>&%]/./g;
> > > ++$t =~ s/[<>&%]/./g;
> > > ++$targ =~ s/[<>;%]/./g;
> > > ++$hierarchy

Bug#659899: CVE-2011-0790: XSS

2012-02-27 Thread Florian Weimer
* Antoine Beaupré:
> ++ $h =~ s/[<>&%]/./g;
> ++$step =~ s/[<>&%]/./g;
> ++$mode =~ s/[<>&%]/./g;
> ++$t =~ s/[<>&%]/./g;
> ++$targ =~ s/[<>;%]/./g;
> ++$hierarchy =~ s/[<>;%]/./g;

These patterns do not match the special character ". Therefore, it

Bug#659899: CVE-2011-0790: XSS

2012-02-24 Thread Nico Golde
Hi,

* Moritz Muehlenhoff [2012-02-14 18:11]:
> This has been assigned CVE-2011-0790:

Just to make sure there is no confusion, this should've been CVE-2012-0790.

Cheers
Nico

Bug#659899: CVE-2011-0790: XSS

2012-02-24 Thread Antoine Beaupré
On Tue, 14 Feb 2012 14:39:05 -0500, Antoine Beaupré wrote:
> Here's a debdiff to fix this issue. I can upload this to stable-security
> if it is okay for you guys.
>
> I had to fiddle a bit with the patch to make it fit with 2.3, but I
> think it will work. Not sure it is *complete* however, the

Bug#659899: CVE-2011-0790: XSS

2012-02-14 Thread Antoine Beaupré
Here's a debdiff to fix this issue. I can upload this to stable-security if it is okay for you guys.

I had to fiddle a bit with the patch to make it fit with 2.3, but I think it will work. Not sure it is *complete* however, the way 2.3 treats some arguments is different than 2.6, so it may have mo

Bug#659899: CVE-2011-0790: XSS

2012-02-14 Thread Antoine Beaupré
I'll work on uploading 2.6.7 to unstable, since it's trivial changes from 2.6.5, including the security fix. Then I'll prepare a package for stable.

I am not sure it is actually vulnerable but will try the supplied patch. I am not sure how to coordinate with the security team here, can you help m

Bug#659899: CVE-2011-0790: XSS

2012-02-14 Thread Moritz Muehlenhoff
Package: smokeping
Severity: grave
Tags: security

This has been assigned CVE-2011-0790:
http://holisticinfosec.org/content/view/188/45/

Patch:
https://bugzilla.redhat.com/attachment.cgi?id=556619&action=diff&context=patch&collapsed=&headers=1&format=raw

Cheers,
Moritz