[kgb-maintainers] DoS bug in KGB
gregor herrmann
gregoa at debian.org
Thu Sep 24 18:33:45 UTC 2009
On Thu, 24 Sep 2009 10:08:44 +0200, Martín Ferrari wrote:
> >> It was a two-fold problem: on the server side, it received utf8 wide
> >> chars that passed to the sha1 module for authentication, and that
> >> failed. I added the correct conversion code for that to work.
> > I guess I shall 'release' a new version of the preliminary packages so
> > that the servers can be upgraded?
> I think it is a good idea. My server is hand-patched now.
I haven't changed anything yet, since confused me :)
BTW: How far are we from an upload to the archive?
Cheers,
gregor
--
.''`. http://info.comodo.priv.at/ -- GPG Key IDs: 0x00F3CFE4, 0x8649AA06
: :' : Debian GNU/Linux user, admin, & developer - http://www.debian.org/
`. `' Member of VIBE!AT, SPI Inc., fellow of FSFE | http://got.to/quote/
`- NP: Bruce Springsteen: Mansion on the hill
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: Digital signature
URL: <http://lists.alioth.debian.org/pipermail/kgb-maintainers/attachments/20090924/0728667b/attachment.pgp>
More information about the kgb-maintainers
mailing list