On Fri, Oct 29, 2004 at 09:21:09PM +0200, Thomas Wana wrote: > Frank Lichtenheld wrote: > >Hmm, the patch from the DSA is included in the package... Or do you > >mean that the patch is flawed? > > Do you mean DSA-405-1 (http://lwn.net/Articles/64725/)? That DSA > is refering to CAN-2003-0949, which indeed seems to be fixed, but > CAN-2004-0074 (which this bug is about) is nowhere mentioned anywhere, > and it's indeed unfixed.
Uupps, I was confused by the CAN numbers... > How to verify this bug: > ----------------------- [...] But you too, since that was the wrong part ;) The LANG vuln is fixed in the current package (the patch is in debian/patches and gets applied at build time). I guess the -xsokdir vuln could be not fixed, I will check that. Gruesse, -- Frank Lichtenheld <[EMAIL PROTECTED]> www: http://www.djpig.de/
