Hi, I wonder whether there will be an advisory on the pine URL-handling code exploit? (http://www.washington.edu/pine/pine-info/2002.01/msg00042.html). This is a pretty serious security bug within pine.
Yes, I know about the special status of pine within Debian. This makes it rather tricky to say "Debian Rel. x is vulnerable" or vice versa. But it would be nice to have a handout for the sysadmins about what to do. Users tend to like pine even if the sysads do not, so you cannot simply remove pine from your servers. Thanks, Thomas -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
