On Wed, Mar 29, 2006 at 09:44:35PM +0200, Lionel Elie Mamane wrote: > (Please don't hijack old threads about different issues, in particular > not without changing the subject line.)
Sorry, it wasn't intentional. > Sid and etch are not vulnerable; problem was fixed in upstream 2.1.6; > etch contains 2.1.7-1; it was fixed in sid (without even realising it) > with the upload of 2.1.6-1 on Sun, 25 Dec 2005. OK. > Please take this opportunity to retroactively add to the changelog of > 2.1.5-8sarge1 that the > > * Don't die on overflow in date handling, which could lead to a DoS > attack (closes: #326024) > > is CVE-2005-4153. > > Also add (closes: #358892) to your changelog entry. Alright. I'll update the changelog and upload to the queue now. Thanks for the updated advisory text. Steve -- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
