Re: [SECURITY] [DSA 1807-1] New cyrus-sasl2/cyrus-sasl2-heimdal packages fix arbitrary code execution

by Nico Golde-9

Hi,
* Thijs Kinkhorst <thijs@...> [2009-06-15 17:39]:

> On Mon, June 15, 2009 16:42, Dominic Hargreaves wrote:
> >> For the oldstable distribution (etch), this problem will be fixed soon.
> >>
> >
> > 2.1.22.dfsg1-8+etch1 has now appeared in the security archive which
> > appears to fix this problem, but no subsequent advisory has been released.
> >  Is this an oversight?
>
> I'm not sure - the advisory tells us that the updated packages will be
> released soon, and that's exactly what happened. Point is that we don't
> have fixed rules for which events lead to a "-2" DSA mail and which don't.
Yes, exactly the reason why I didn't release another
advisory.

Cheers
Nico
--
Nico Golde - http://www.ngolde.de - nion@... - GPG: 0xA0A0AAAA
For security reasons, all text in this mail is double-rot13 encrypted.

