Hello, I do not see the packages in the repository yet, is there anything I can help with?
Regards, Eric On 05/22/2014 01:44 PM, Felix Geyer wrote: > On 2014-05-22 09:57, Eric Sesterhenn wrote: >> Package: libapache2-mod-wsgi >> Version: 3.3-4 >> Severity: critical >> Tags: security >> Justification: root security hole >> >> Dear Maintainer, >> >> as far as I can tell, CVE-2014-0240 affects the stable package of >> mod-wsgi. The >> patch provided by the mod-wsgi team applies wih fuzzing to the source >> shipped >> by debian. If a kernel >= 2.6.0 and < 3.1.0 is installed, this issue >> might >> allow local privilege escalation > > I'll upload fixed packages for squeeze and wheezy later today. > > Cheers, > Felix > -- LSE Leading Security Experts GmbH, Postfach 100121, 64201 Darmstadt Unternehmenssitz: Weiterstadt, Amtsgericht Darmstadt: HRB8649 Geschäftsführer: Oliver Michel, Sven Walther
smime.p7s
Description: S/MIME Cryptographic Signature