On Friday, May 15, George Bonser wrote
>
> Find a mirror of the Debian incoming directory ... I think there are some
> listed on the Debian web page ... and grab the new debianutils and install
> it manually with dpkg -i
Debian 1.3.1r8 has been released with a debianutils that makes gzip happy.
I
[EMAIL PROTECTED] wrote:
>
> On 14 May, Martin Schulze wrote:
> > We were told by Michal Zalewski that gzexe as shipped with gzip uses
> > an unsecure method decompressing executables on the fly opening a way
> > of calling arbitrary programs. Newer versions for bo and hamm are
> > fixing this.
On Thursday, May 14, [EMAIL PROTECTED] wrote
>
[snip]
> I can't seem to find a debianutils_1.6* under any of the bo*
> directories on the ftp sites.
Mea culpa.
debianutils 1.8.9 has been uploaded to Incoming, and will be installed into
bo.
Sorry for the trouble.
Christian
pgpWSi309JchO.p
On 14 May, Martin Schulze wrote:
> We were told by Michal Zalewski that gzexe as shipped with gzip uses
> an unsecure method decompressing executables on the fly opening a way
> of calling arbitrary programs. Newer versions for bo and hamm are
> fixing this. We recommend you upgrade your gzip pac
4 matches
Mail list logo
