Hosting Provided By

Re: perl regex vulnerability - debian - pcre only?

From: Florian Weimer <fw(at)deneb.enyo.de>
Date: Tue Nov 06 2007 - 15:12:03 EST

> http://security-tracker.debian.net/tracker/CVE-2007-5116
>
> is uninformative, but that is cve id that redhat and others are
> referring to.

I've added some more information, including a link to the upstream patch (whose essence applies cleanly to the versions in sarge and etch).

As a side effect of the problem described in

<http://lists.debian.org/debian-devel-announce/2007/11/msg00001.html>

building security updates involves even more manual work than usual. I can't say for sure when we will release the update, I'm afraid, but I hope it won't take much longer.

-- 
To UNSUBSCRIBE, email to debian-security-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Received on Tue Nov 6 15:12:48 2007

This message: [ Message body ]
Next message: Melski(at)rsm.cd.cz: "Oldrich Melski je mimo kanceláø."
Previous message: paddy(at)panici.net: "Re: perl regex vulnerability - debian - pcre only?"
In reply to: paddy(at)panici.net: "Re: perl regex vulnerability - debian - pcre only?"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Mar 19 2008 - 06:54:16 EDT