Package: affix Severity: grave Tags: security patch Justification: user security hole
btsrv sanitises input inproperly. I haven't yet checked whether this is exploitable in the Debian package configuration as well. Please see the advisory at http://www.digitalmunition.com/DMA[2005-0712b].txt Patches are available at: http://affix.sourceforge.net/affix_320_sec.patch http://affix.sourceforge.net/affix_212_sec.patch Cheers, Moritz -- System Information: Debian Release: testing/unstable APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.12-rc5 Locale: LANG=C, [EMAIL PROTECTED] (charmap=ISO-8859-15) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]