Package: nut Severity: critical Tags: security patch The following potential vulnerability had been reported against NUT (Network UPS Tools): https://alioth.debian.org/tracker/index.php?func=detail&aid=313636&group_id=30602&atid=411542
The patch has already been committed upstream (development version), and include more details on the issue: http://trac.networkupstools.org/projects/nut/changeset/3633 It will be available in 2.6.4, which will be released by the end of the week. This will fix Sid and Testing. But Stable is still exposed (NUT 2.4.3). I'm currently preparing an upload to fix it (2.4.3-1.1squeeze2). Please use CVE-2012-2944 for this issue. This CVE is not yet official, but will be on Friday, June Arst 00:00:00 UTC. cheers, Arnaud -- Linux / Unix Expert R&D - Eaton - http://powerquality.eaton.com Network UPS Tools (NUT) Project Leader - http://www.networkupstools.org/ Debian Developer - http://www.debian.org Free Software Developer - http://arnaud.quette.free.fr/ -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
