On 2014-04-25 16:58:53, Moritz Muehlenhoff wrote: > On Fri, Apr 25, 2014 at 04:41:36PM +0200, Sebastian Ramacher wrote: > > On 2014-04-25 16:40:28, Sebastian Ramacher wrote: > > > Hi Security Team, > > > > > > On 2014-04-20 11:59:23, Salvatore Bonaccorso wrote: > > > > Source: libmms > > > > Version: 0.6-1 > > > > Severity: grave > > > > Tags: security upstream fixed-upstream > > > > > > > > Hi, > > > > > > > > the following vulnerability was published for libmms. > > > > > > > > CVE-2014-2892[0]: > > > > heap-based buffer overflow > > > > > > Please find attached the debdiffs for squeeze and wheezy. Please let me > > > know if > > > it's okay to upload them to the squeeze-security and wheezy-security. > > > > And here are the patches. > > Please upload to security-master. Note that both updates need to be build > with "-sa" since > libmms is new in the security suites.
Built with -sa and uploaded. Cheers -- Sebastian Ramacher
signature.asc
Description: Digital signature