Bug#496383: xastir - broken temp file patch (#496383)

2008-08-28 Thread Tomas Hoger
Hi Joop! You probably wanted to use: TMPFILE=`mktemp -t` instead of TMPFILE = 'mktemp -t' in your patch for #496383, right? HTH -- Tomas Hoger -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#496403: mgetty insecure temp file usage

2008-08-27 Thread Tomas Hoger
patch is used in all Fedora / Red Hat mgetty packages for quite some time now: http://cvs.fedoraproject.org/viewvc/rpms/mgetty/devel/mgetty-1.1.30-mktemp.patch?view=markup (it can possibly benefit from few more Xes in file name template too ;) HTH -- Tomas Hoger

Bug#496406: here's a patch (fwbuilder, #496406)

2008-08-25 Thread Tomas Hoger
Hi Thijs! Just out of curiosity, why bother with temp file and not use: eval `ssh-agent -s` /dev/null ? (I haven't checked the actual script, just the patch, so apologies if I'm missing some important bits.) -- Tomas Hoger

Bug#493797: python2.5: CVE-2008-2316 integer overflow in _hashopenssl.c

2008-08-05 Thread Tomas Hoger
/_hashopenssl.c?view=log (last rev 64048) http://svn.python.org/view/python/branches/release25-maint/Modules/_hashopenssl.c?view=log (last rev 51333) HTH -- Tomas Hoger

Bug#480292: CVE-2008-2079: mysql allows local users to bypass certain privilege checks

2008-07-04 Thread Tomas Hoger
to already existing tables using this flaw? Thanks! -- Tomas Hoger

Bug#480059: vorbis-tools vulnerable to CVE-2008-1686

2008-05-09 Thread Tomas Hoger
(and many clients did not do that properly), so the check was now moved directly to speex library. HTH -- Tomas Hoger

Bug#479034: CVE-2008-2033: Multiple vulnerabilities

2008-05-02 Thread Tomas Hoger
Hi! This is a duplicate of CVE-2008-1381. See references for CVE-2008-1381 for details. HTH -- Tomas Hoger

Bug#477805: vlc: CVE-2008-1881 stack-based buffer overflow in subtitle parsing

2008-04-25 Thread Tomas Hoger
Hi! Should be fixed in 0.8.6f, for patch see: http://git.videolan.org/gitweb.cgi?p=vlc.git;a=commitdiff;h=94baded6eff88e39c98b6e3572826f16f21ceec3 http://bugs.gentoo.org/show_bug.cgi?id=214277#c2 -- Tomas Hoger

Bug#477808: blender: CVE-2008-1102 arbitrary code execution via crafted .blend file

2008-04-25 Thread Tomas Hoger
Hi! Upstream patch: svn diff -r14431:14461 https://svn.blender.org/svnroot/bf-blender/trunk/blender/source/blender/imbuf/intern/radiance_hdr.c http://cvs.fedoraproject.org/viewcvs/rpms/blender/devel/blender-2.45-cve-2008-1102.patch HTH -- Tomas Hoger

Bug#446354: OpenBSD patch for CVE-2007-5365 is insufficient

2007-10-29 Thread Tomas Hoger
: https://bugzilla.redhat.com/show_bug.cgi?id=327781#c5 Note: [EMAIL PROTECTED] was notified on 2007-10-23. Updated DSA 1388-3 released on 2007-10-29. -- Tomas Hoger Red Hat Security Response Team

Bug#440100: CVE-2007-4558 rejected as duplicate of CVE-2007-4134

2007-08-31 Thread Tomas Hoger
Hi! CVE name CVE-2007-4558 was rejected on 2007-08-30 as duplicate of previously assigned name CVE-2007-4134. Please consider using name CVE-2007-4134 to avoid confusion. -- Tomas Hoger

Bug#302677: qmail: FTBFS: Missing Build-Depends on 'groff-base' and missing users and groups

2005-05-04 Thread Tomas Hoger
Hi Andreas! I'm not sure if this really is FTBFS bug. There is no official qmail binary package in Debian, there's only qmail source package, from which qmail-src package is built. build-qmail script from qmail-src package should be used to build qmail binary package. Also note, that qmail-src