* Harlan Lieberman-Berg:
> Hello GCC Maintainers!
>
> It would be Really Awesome (TM) if we could add the
> -fstack-clash-protection flag to our default hardening posture. This
> would have provided protection against the recent System Down
> vulnerability (CVE-2018-16864, CVE-2018-16865, CVE-201
Package: dpkg
Version: 1.14.28
dpkg's version comparison is architecture-dependent (due to changes in
the size of the C long type):
(i386)$ dpkg --compare-versions 4294967296:1 '>>' 4294967295:1 ; echo $?
1
(amd64)$ dpkg --compare-versions 4294967296:1 '>>' 4294967295:1 ; echo $?
0
The second re
* Modestas Vainius:
> While apparently, VT can't be implemented differently (except \d+),
> what about size_t etc. then? They all can be implemented as regexps
> too the most simple being 'any character'. However, in my opinion,
> exact string matching is worthwhile to keep whenever possible.
Can
* Marc Haber:
> apt-ftparchive is in a position to help here by generating a proper
> Source: line in the Packages: file. For example, bind9 1:9.2.1-2.0.1
> should have "Source: bind9 (1:9.2.1-2)" in the Packages file. IMO, the
> Source: line should only be suppressed if both package name and
> ve
found 317967 1.10.28
tag 317967 security sarge
thanks
* Joey Hess:
> Presumably this bug was fixed in dpkg 1.13.11, which was released well
> after the fixed zlib got into the archive. Although I've not actually
> checked all the builds to see.
This bug is also present in sarge. I think the con
* Scott James Remnant:
> On Tue, 2005-07-12 at 18:10 +0200, Florian Weimer wrote:
>
>> dpkg-deb seems to contain a statically linked copy of zlib version
>> 1.2.2. This means it's potentially vulnerable to CAN-2005-2096. Please
>> check, and advise the security te
Package: dpkg
Version: 1.13.10
Severity: normal
Tags: security
dpkg-deb seems to contain a statically linked copy of zlib version
1.2.2. This means it's potentially vulnerable to CAN-2005-2096. Please
check, and advise the security team if an update for stable is required.
--
To UNSUBSCRIBE,
7 matches
Mail list logo