[Secure-testing-team] [Secure-testing-commits] r6529 - data/CVE
Nico Golde
nico at ngolde.de
Fri Sep 7 11:28:51 UTC 2007
Hi,
* fw at alioth.debian.org <fw at alioth.debian.org> [2007-09-07 12:32]:
> Author: fw
> CVE-2007-4743: krb5, librpcsecgss
> Modified: data/CVE/list
> ===================================================================
> --- data/CVE/list 2007-09-07 05:52:01 UTC (rev 6528)
> +++ data/CVE/list 2007-09-07 06:40:13 UTC (rev 6529)
> @@ -1,3 +1,6 @@
> +CVE-2007-4743 [Incorrect fix for CVE-2007-3999: buffer overflow in RPC library]
> + - krb5 <unfixed> (high)
> + - librpcsecgss <unfixed>
> CVE-2007-4731
Is there any public information about why exactly this patch
is wrong?
Kind regards
Nico
--
Nico Golde - http://ngolde.de - nion at jabber.ccc.de - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.alioth.debian.org/pipermail/secure-testing-team/attachments/20070907/ff01ae88/attachment.pgp
More information about the Secure-testing-team
mailing list