Package: luxman Severity: grave Tags: security DSA-693-1 claimed that the security hole CAN-2005-0385 was fixed in unstable in luxman 0.41-20, but it's been two days and I do not see that version has been uploaded.
Some details on the hole from the DSA: Kevin Finisterre discovered a buffer overflow in luxman, an SVGA based PacMan clone, that could lead to the execution of arbitrary commands as root. For the stable distribution (woody) this problem has been fixed in version 0.41-17.2. For the unstable distribution (sid) this problem has been fixed in version 0.41-20. We recommend that you upgrade your luxman package. Additional details were posted on bugtraq, but I don't have an url handy. -- System Information: Debian Release: 3.1 APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Kernel: Linux 2.4.27 Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Versions of packages luxman depends on: ii libc6 2.3.2.ds1-20 GNU C Library: Shared libraries an ii libgcc1 1:3.4.3-12 GCC support library ii libstdc++5 1:3.3.5-12 The GNU Standard C++ Library v3 ii libsvga1 [svgalibg1] 1:1.4.3-21 console SVGA display libraries -- see shy jo
signature.asc
Description: Digital signature