[Secure-testing-team] Stable isn't vulnerable to CVE-2008-5101
Nico Golde
debian-secure-testing+ml at ngolde.de
Thu Nov 20 18:57:32 UTC 2008
Hi,
* Nelson A. de Oliveira <naoliv at debian.org> [2008-11-20 19:46]:
> On Thu, 20 Nov 2008 19:08:42 +0100
> Nico Golde <debian-secure-testing+ml at ngolde.de> wrote:
> > Can you please be a bit more specific on why "it's fine"?
>
> Because the upstream author (who also found the vulnerability) of the
> affected package said that version 0.5.5 (available at stable) isn't
> vulnerable?
Ok I marked this as not-affected now, what I really wanted
to hear are some details about the code...
Cheers
Nico
--
Nico Golde - http://www.ngolde.de - nion at jabber.ccc.de - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: not available
Url : http://lists.alioth.debian.org/pipermail/secure-testing-team/attachments/20081120/8b22eebe/attachment.pgp
More information about the Secure-testing-team
mailing list