[PKG-IRC-Maintainers] ngircd remote exploit, 2nd time...
Mario Iseli
mario at debian.org
Thu Jan 17 20:49:31 UTC 2008
Hello Security team,
I got in contact with you at the end of November 2007 because of
CVE-2007-6034 and CVE-2007-6062, the answer was that the bug isn't
interesting enough. Now, two days ago - there was a new security bug
(CVE-2008-0285 aka #461067). This one is remote exploitable as well. So
- what now? Don't you find it a good idea to proceed now with an
official security upload? I already did it for unstable and I'd have a
fix for Etch ready too. Please get in contact with me soon, otherwise I
will look with Andreas Barth that it will be included in the next Etch
point-release.
Regards,
Mario
--
.''`. Mario Iseli <mario at debian.org>
: :' : Debian GNU/Linux developer
`. `'`
`- Debian - when you have better things to do than fixing a system
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://lists.alioth.debian.org/pipermail/pkg-irc-maintainers/attachments/20080117/1eec5046/attachment.pgp
More information about the Pkg-irc-maintainers
mailing list