Package: libtasn1-2 Version: 1:0.2.17-2 Severity: grave Tags: security Justification: user security hole
Greetings. I'm filing this bug report to keep track of the following security issue. "[DSA 985-1] New libtasn1-2 packages fix arbitrary code execution" was released on 6 Mar 2006, in regard to Bugtraq ID 16568 / CVE-2006-0645. It states, in part: "For the unstable distribution (sid) these problems will be fixed soon." For the record, the current unstable version, 0.2.17-2, is also the curent testing version. "Soon" has expired ;) Please patch/repair (there is a patch available for the stable version, 0.2.10-3sarge1 - I don't know if this helps or not). Thanks much, -- Steve Lane System, Network and Security Administrator Doudna Lab Biomolecular Structure and Mechanism Group UC Berkeley -- System Information: Debian Release: testing/unstable APT prefers testing APT policy: (990, 'testing'), (900, 'stable'), (800, 'unstable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.15-phabrix060 Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) Versions of packages libtasn1-2 depends on: ii libc6 2.3.6-7 GNU C Library: Shared libraries Versions of packages libtasn1-2 recommends: ii libtasn1-2-bin 1:0.2.17-2 Manage ASN.1 structures (binaries) -- no debconf information -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
