On Wed, 2008-11-19 at 23:29 +0100, Moritz Muehlenhoff wrote: > Package: enscript > Version: 1.6.4-12 > Severity: grave > Tags: security > Justification: user security hole > > Hi, > buffer overflows have been discovered in enscript: > http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3863 > http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4306 > > I'm attaching a patch by Werner Fink of SuSE covering these > issues.
Thanks. There go my hopes for a quiet lenny release. :) I'm just building a patched package. I can look at the manpage issue as well, but it's quite late here. -- Tim Retout <[EMAIL PROTECTED]> -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]