[Secure-testing-team] Re: [Secure-testing-commits] r5273 -
data/CVE
Alex de Oliveira Silva
enerv at host.sk
Tue Jan 16 20:42:43 CET 2007
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Florian Weimer escreveu:
> * Alex de Oliveira Silva:
>
>> CVE-2007-XXXX [libgtop2 "glibtop_get_proc_map_s()" Buffer
>> Overflow] - - libgtop2 2.14.4-3 <not-affected> [etch] -
>> libgtop2 2.14.4-2 (medium) [sarge] - libgtop 2.6.0-4 (medium)
>> NOTE: sarge - libgtop2 2.6.0-4 sent patch to secure team.
>
> Why is unstable not affected? According to the changelog, 2.14.4-2
> only contains this change:
[2007-01-14] Accepted 2.14.6-1 in experimental (low) (Loic Minier)
>
> libgtop2 (2.14.4-2) unstable; urgency=low . * New patch,
> 10_kfreebsd, to build-depend and depend on libkvm-dev on kfreebsd,
> to update the m4 macros to detect __FreeBSD_kernel__, and to update
> configure; thanks Petr Salinger; closes: #399270.
>
> This appears to be unrelated.
>
> Furthermore, libgtop has never reached version 2.6.0-4, it seems.
In qa[1] and packages[2] says for me the stable version is 2.6.0-4.
[1] - http://packages.qa.debian.org/libg/libgtop2.html
[2]
-
-http://packages.debian.org/cgi-bin/search_packages.pl?keywords=libgtop2&searchon=names&subword=1&version=stable&release=all
If you see some more errors please report.
I want to lern. :)
regards,
- --
.''`.
: :' : Alex de Oliveira Silva | enerv
`. `' www.enerv.net
`-
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFFrSqzarbczl+z12gRAjxZAJ9TZAW/BFiFRPJXBLpBzF9GVN5YFwCgqTWA
ALJRgIlLgdQX1+PxmThKBwc=
=xYdS
-----END PGP SIGNATURE-----
More information about the Secure-testing-team
mailing list