Package: libc6 Version: 2.2.5-11.5 Severity: grave Tags: woody, security Justification: user security hole
I notice the Ubuntu Security USN-4-1 and did not find CAN-2004-0968 in the "Non-Vulnerable" list. I looked at catchsegv as an example and code like segv_output=`basename "$prog"`.segv.$$ does not look secure to me. http://lwn.net/Alerts/108824/ http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-00968 http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=136318 -- System Information Debian Release: 3.0 Architecture: i386 Kernel: Linux pleione 2.4.26-grsec #1 Tue Aug 10 15:42:40 CEST 2004 i686 Locale: LANG=en_US, LC_CTYPE=en_US -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]