Your message dated Sun, 16 Oct 2011 17:24:17 +0200
with message-id <20111016171945.ga22...@debian.org>
and subject line Re: Bug#645516: hardlink has buffer overflows, is unsafe on
changing trees
has caused the Debian Bug report #645516,
regarding hardlink has buffer overflows, is unsafe on changing trees
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
645516: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=645516
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: hardlink
Severity: grave
Tags: security
Hi Julian,
A security problem in hardlink had been reported:
http://www.openwall.com/lists/oss-security/2011/10/15/2
The report refers to Fedora. Can you check if any Debian version is affected?
Thanks a lot!
-luciano
--- End Message ---
--- Begin Message ---
On Sun, Oct 16, 2011 at 05:08:08PM +0200, Luciano Bello wrote:
> Package: hardlink
> Severity: grave
> Tags: security
>
> Hi Julian,
> A security problem in hardlink had been reported:
> http://www.openwall.com/lists/oss-security/2011/10/15/2
>
> The report refers to Fedora. Can you check if any Debian version is
> affected?
It affects a version of hardlink written in C. Our version is
written in Python. Both have the same name, but are implemented
differently.
According to my knowledge the C version of hardlink(1) was not packaged
anywhere when I wrote the Python version (and just a .c file distributed
from people.redhat.com, and unmaintained).
--
Julian Andres Klode - Debian Developer, Ubuntu Member
See http://wiki.debian.org/JulianAndresKlode and http://jak-linux.org/.
pgpz3snT5oQpV.pgp
Description: PGP signature
--- End Message ---
