[Secure-testing-team] Lenny security bug sprint
Nico Golde
debian-secure-testing+ml at ngolde.de
Fri Nov 28 22:04:09 UTC 2008
Hi,
* Moritz Muehlenhoff <jmm at inutil.org> [2008-11-28 20:51]:
> On Tue, Nov 18, 2008 at 12:39:36AM +0100, Moritz Muehlenhoff wrote:
> > On Mon, Nov 17, 2008 at 06:55:13AM +0100, Moritz Muehlenhoff wrote:
[...]
> geshi / CVE-2008-5185
> No maintainer reaction so far, pinged.
I tracked this issue down, my result is on:
http://marc.info/?l=oss-security&m=122718277121421&w=2
This + the other patch providing the PARANOID mode should
be enough to fix this issue. Romain is aware of this and
from what I know working on an update but was busy for the
last weekend.
Cheers
Nico
--
Nico Golde - http://www.ngolde.de - nion at jabber.ccc.de - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: not available
Url : http://lists.alioth.debian.org/pipermail/secure-testing-team/attachments/20081128/d1d39c08/attachment.pgp
More information about the Secure-testing-team
mailing list