Bug#365680: CGIIRC vulnerability (Bug#365680)

Elrond wrote: > On Sun, May 07, 2006 at 09:16:35AM +0200, Martin Schulze wrote: > [...] > > If an update enters stable-security and the version in testing ist the > > same as in stable, then the new version propagates into testing. If, > > additionally, the version in unstable is the same, this ve

Bug#365680: CGIIRC vulnerability (Bug#365680)

package cgiirc retitle 365680 [CVE-2006-2148] cgiirc: buffer overflow in client.c thanks On Fri, May 05, 2006 at 07:10:57PM +0200, Mario 'BitKoenig' Holbe wrote: > On Thu, May 04, 2006 at 04:55:39PM +0200, Martin Schulze wrote: > > Are you going to update the package in sid as well? > > We're pre

Bug#365680: CGIIRC vulnerability (Bug#365680)

Mario 'BitKoenig' Holbe wrote: > > Elrond wrote: > > > I _might_ be able to test, wether the package still works > > Please let us know. > > Tests are done. Everything seems to work well. > > > Update prepared. > > Go on :) > Please make sure you did also add 50_client-c_bufferoverflow_fix to >

Bug#365680: CGIIRC vulnerability (Bug#365680)

On Thu, May 04, 2006 at 04:55:39PM +0200, Martin Schulze wrote: > Are you going to update the package in sid as well? We're preparing a new version for sid, which of course will include the fix, too. But this will take a few days longer, so... > Or should the package propagate via stable-security

Bug#365680: CGIIRC vulnerability (Bug#365680)

Elrond wrote: > Nearly all the relevant information, that is currently > available regarding this issue, is in the bug logs. > (see: ) > > Very Short summary: > > * bufferoverflow in C code > * remotely exploitable > * CVE has been requested by micah > * Untested pa

Bug#365680: CGIIRC vulnerability (Bug#365680)

Elrond wrote: > Nearly all the relevant information, that is currently > available regarding this issue, is in the bug logs. > (see: ) Are you going to update the package in sid as well? Or should the package propagate via stable-security? Regards, Joey --