On Sun, 2005-09-04 at 16:18 -0400, Joey Hess wrote: > Presumably this bug was fixed in dpkg 1.13.11, which was released well > after the fixed zlib got into the archive. Although I've not actually > checked all the builds to see. > > Therefore I am not tracking this bug as a security hole, and IMHO it > should be closed, unless the fact that dpkg still embeds a static zlib > and still will be vulnerable and need recompiles because of future holes > in that library is a problem worth leaving a bug open for. > This bug was open because the Debian security team have still not uploaded a fixed version for stable!
Scott -- Have you ever, ever felt like this? Had strange things happen? Are you going round the twist?
signature.asc
Description: This is a digitally signed message part
