I BEG OF YOU - UNSUBSCRIBE ME !!! Dnia 26-10-2006, czw o godzinie 08:19 +0200, OpenPKG napisał(a): > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > ________________________________________________________________________ > > OpenPKG Security Advisory OpenPKG GmbH > http://www.openpkg.org/security/ http://openpkg.com > OpenPKG-SA-2006.026 2006-10-26 > ________________________________________________________________________ > > Package: screen > Vulnerability: denial of service > OpenPKG Specific: no > > Affected Series: Affected Packages: Corrected Packages: > 1.0-ENTERPRISE n.a. >= screen-4.0.3-E1.0.0 > 2-STABLE-20061018 <= screen-4.0.2-2.20061018 >= screen-4.0.3-2.20061023 > 2-STABLE <= screen-4.0.2-2.20061018 >= screen-4.0.3-2.20061023 > CURRENT <= screen-4.0.2-20061013 >= screen-4.0.3-20061023 > > Description: > According to a vendor release announcement [0], a denial of service > vulnerability exists in the virtual terminal application GNU screen > [1], version 4.0.2 and earlier. The vulnerabilities exist in the > handling of "UTF-8 combining characters" and allow user-assisted > attackers to cause a Denial of Service (crash or hang of GNU screen) > via certain UTF-8 character sequences. The Common Vulnerabilities > and Exposures (CVE) project assigned the id CVE-2006-4573 [2] to the > problem. > ________________________________________________________________________ > > References: > [0] http://lists.gnu.org/archive/html/screen-users/2006-10/msg00028.html > [1] http://www.gnu.org/software/screen/ > [2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4573 > ________________________________________________________________________ > > For security reasons, this advisory was digitally signed with the > OpenPGP public key "OpenPKG <[EMAIL PROTECTED]>" (ID 63C4CB9F) which > you can retrieve from http://www.openpkg.org/openpkg.pgp. Follow the > instructions on http://www.openpkg.org/security/signatures/ for details > on how to verify the integrity of this advisory. > ________________________________________________________________________ > > -----BEGIN PGP SIGNATURE----- > Comment: OpenPKG <[EMAIL PROTECTED]> > > iD8DBQFFQFNOgHWT4GPEy58RAkWTAJ9gxJwcgTQOL0NzAHK9xtLxlbgOtwCgkGwb > uu2qkj9SuoBw0Pjv7vI6hFo= > =oW1b > -----END PGP SIGNATURE----- > ______________________________________________________________________ > The OpenPKG Project www.openpkg.org > Project Announcement List [email protected] -- "Fear leads to anger, anger leads to hate, hate leads to suffering" - Yoda
______________________________________________________________________ The OpenPKG Project www.openpkg.org User Communication List [email protected]
