Christophe Chisogne a écrit : > I guess lynx-ssl is affected too ? Is a lynx-ssl being prepared ?
Ok, it's DSA 876-1, solved :) DSA-876-1 lynx-ssl -- buffer overflow http://www.debian.org/security/2005/dsa-876 But I had a problem : I upgraded from Woody to Sarge. Woody had non-US, which Sarge dont have anymore. lynx-ssl/Woody was in non-US, but wasnt remove/replaced by the new lynx/Sarge during upgrade. So I had a system with an old unpatched lynx-ssl and not the current patched lynx (trivially solved with aptitude install lynx). The problem didnt seemed obvious at first, so I share my little experience here. If others have problems with non-US, I found a simple way to list the non-US packages (if grep-dctrl is installed): use grep-status, with a command like that one: # grep-status -F Section non-US -s Package,Version,Status Hope it can help others. Ch. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]