Previously Gerfried Fuchs wrote:
Then please provide a diff for for dsa-257.{data,wml} file, especially
for the text. I'm out of ideas how to do it correct and definitely am
not the person who should make this decisions -- after all I'm not part
of the security team.
I have no idea how
* Wichert Akkerman [EMAIL PROTECTED] [2003-03-05 14:47]:
It is the exact same issue which just happens to be present in multiple
source packages. To me it makes perfect since to do that in a single
advisory.
Then please provide a diff for for dsa-257.{data,wml} file, especially
for the text
On Thu, Mar 06, 2003 at 10:30:57AM +0100, Gerfried Fuchs wrote:
Then please provide a diff for for dsa-257.{data,wml} file, especially
for the text. I'm out of ideas how to do it correct
Rename the -2 advisory to 999, convert it to .data+.wml using
parse-advisory.pl and then merge the new
Affected Packages: sendmail, sendmail-wide
Mark Dowd of ISS X-Force found a bug in the header parsing routines
of sendmail: it could overflow a buffer overflow when encountering
addresses with very long comments. Since sendmail also parses headers
when forwarding emails this vulnerability can
Previously ChristopherHuhn wrote:
I was surprised beeing forced to downgrade to the security release now,
as your FAQ points out that proposed-updates should be covered by
security upgrades just like stable.
Perhaps the wording in the security FAQ is unstable; what it is trying
to say is
On Thu, Mar 06, 2003 at 04:49:23PM +0100, Wichert Akkerman wrote:
I was surprised beeing forced to downgrade to the security release now,
as your FAQ points out that proposed-updates should be covered by
security upgrades just like stable.
Perhaps the wording in the security FAQ is
* Michael Stone [EMAIL PROTECTED] [2003-03-04 14:42]:
could whoever's doing web pages for security advisories these days take
a look at dsa 257?
It can be done by anyone with webwml cvs write access. I have now
committed dsa-257-1, but onfortunately I don't know what to do with
dsa-257-2. I
Previously Gerfried Fuchs wrote:
It can be done by anyone with webwml cvs write access. I have now
committed dsa-257-1, but onfortunately I don't know what to do with
dsa-257-2. I guess it should have been dsa-258-1 instead, for it is for
a completely different package (different source
On Wed, Mar 05, 2003 at 02:35:26PM +0100, you wrote:
a completely different package (different source package). I have no
ideas how to incorporate the data nicely into the dsa-257.{data,wml}
files -- you guys (security-team) have to decide.
This has been done before, IIRC. Just put all
could whoever's doing web pages for security advisories these days take
a look at dsa 257?
Mike Stone
10 matches
Mail list logo