[Secure-testing-team] Re: [Secure-testing-commits] r5273 - data/CVE

Alex de Oliveira Silva enerv at host.sk
Tue Jan 16 21:07:56 CET 2007


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Florian Weimer escreveu:
> * Alex de Oliveira Silva:
>
>> CVE-2007-XXXX [libgtop2 "glibtop_get_proc_map_s()" Buffer
>> Overflow] -    - libgtop2 2.14.4-3 <not-affected> [etch] -
>> libgtop2 2.14.4-2 (medium) [sarge] - libgtop 2.6.0-4 (medium)
>> NOTE: sarge - libgtop2 2.6.0-4 sent patch to secure team.
>
> Why is unstable not affected?  According to the changelog, 2.14.4-2
>  only contains this change:
>
> libgtop2 (2.14.4-2) unstable; urgency=low . * New patch,
> 10_kfreebsd, to build-depend and depend on libkvm-dev on kfreebsd,
> to update the m4 macros to detect __FreeBSD_kernel__, and to update
> configure; thanks Petr Salinger; closes: #399270.
>
> This appears to be unrelated.
>
> Furthermore, libgtop has never reached version 2.6.0-4, it seems.
>

I made a mistake.
Maye the commit r5275 solves the problem.

- --
   .''`.
  : :' :    Alex de Oliveira Silva | enerv
  `. `'     www.enerv.net
    `-
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFFrTCcarbczl+z12gRAixVAJ483/xfCM3/3tjQJOvq29M/Dwo2EwCbBZ7y
wEcKBa1SugiRWyo3U0y2ncE=
=XZH4
-----END PGP SIGNATURE-----




More information about the Secure-testing-team mailing list