Bug#838248: unadf: CVE-2016-1243 and CVE-2016-1244

2016-09-18 Thread Luciano Bello
Source: unadf Version: 0.7.11a-3 Severity: important Tags: security patch Hi, Tuomas Räsänen discovered the following vulnerabilities for unadf. CVE-2016-1243[0]: stack buffer overflow caused by blindly trusting on pathname lengths of archived files. CVE-2016-1244[1]: execution of unsanitized i

Bug#778412: Henry Spencer regular expressions (regex) library contains a heap overflow vulnerability

2015-02-14 Thread Luciano Bello
Package: nvi Severity: important Tags: security patch The security team received a report from the CERT Coordination Center that the Henry Spencer regular expressions (regex) library contains a heap overflow vulnerability. It looks like this package includes the affected code at that's the reas

Bug#739196: avoid embedded copy of oui.txt

2014-02-16 Thread Luciano Bello
Package: arpalert Severity: normal Please consider depending on ieee-data [1] instead of including the file /etc/arpalert/oui.txt [1] https://packages.debian.org/sid/ieee-data Cheers, luciano

Bug#521107: s-p-u: security update for xfs package

2009-11-17 Thread Luciano Bello
On Tue 17 Nov 2009, Adam D. Barratt wrote: > From a stable-update point-of-view, I'd also prefer that it was fixed in unstable first. It's a lot easier to fix sid if any unforeseen problems arise. :) So, I made the QA upload a few minutes ago. luciano

Bug#521107: #521107: unsafe /tmp usage in xfs (yes, I know that you orphan it)

2009-10-20 Thread Luciano Bello
On Tue 20 Oct 2009, Julien Cristau wrote: > this is completely broken, you're missing $() around the mktemp invocation, you're never using SOCKET_DIR_TMP, your mktemp call has only 2 X's, and you're not removing the existing $SOCKET_DIR. So, what exactly are you trying to fix? Sorry. -

Bug#521107: #521107: xfs, unsafe /tmp usage

2009-10-20 Thread Luciano Bello
Maybe I'm missing something... but, why this doesn't fix the bug? --- xfs.orig2009-10-20 15:06:31.0 -0300 +++ xfs 2009-10-20 15:13:47.0 -0300 @@ -49,7 +49,8 @@ set_up_socket_dir () { echo -n "Setting up X font server socket directory $SOCKET_DIR..." if [ -e $SOCKET_DIR ]

Bug#437708: Fwd: CVE-2007-3568: DoS vulnerability with crafted bmp

2007-08-13 Thread Luciano Bello
Just like http://www.securiteam.com/unixfocus/5WP030UM0W.html proposes, the patch is attached. luciano --- Imlib/load.c.orig 2007-08-13 23:06:20.0 -0300 +++ Imlib/load.c 2007-08-13 23:06:51.0 -0300 @@ -645,7 +645,7 @@ planes = (int)word; fread(&word, 2, 1, file); bpp = (in