On 2012-12-06 18:33, Joerg Jaspert wrote:
as we have found a bug in a part of our archive software that might
lead
to remote code execution, we have stopped processing uploads until
this
bug is fixed. We expect that to happen pretty soon, though Thursday
is
more likely to see a fix than the
Hi,
On 07.12.2012 12:20, Jonathan Wiltshire wrote:
Thanks for securing it quickly :) Is there any danger of the vulnerable
code being in use on other systems, e.g. as part of a dak install?
Indeed, thanks for fixing the issue so fast.
But full disclosure FTW. Now, that the problem is fixed
On Fri, Dec 7, 2012 at 14:03:22 +0100, Arno Töll wrote:
Hi,
On 07.12.2012 12:20, Jonathan Wiltshire wrote:
Thanks for securing it quickly :) Is there any danger of the vulnerable
code being in use on other systems, e.g. as part of a dak install?
Indeed, thanks for fixing the issue so
* Joerg Jaspert jo...@debian.org, 2012-12-06, 19:33:
as we have found a bug in a part of our archive software that might
lead to remote code execution, we have stopped processing uploads
until this bug is fixed. We expect that to happen pretty soon, though
Thursday is more likely to see a fix
And while the main archive got it turned back on around noon UTC, the
other archives just got it back. So all back to normal, nothing to
see, go on fixing RC bugs please. :)
Thanks.
Do we know if anyone tried exploiting this bug in the past?
I don't think so.
Also, most other archives I
On 13053 March 1977, Arno Töll wrote:
Thanks for securing it quickly :) Is there any danger of the vulnerable
code being in use on other systems, e.g. as part of a dak install?
Indeed, thanks for fixing the issue so fast.
But full disclosure FTW. Now, that the problem is fixed please share
6 matches
Mail list logo