I thought I had subscribed to dsa. I got an Advisory just after I sent my mail out, perhaps I had been just to impatient.
I was a little bit nervous because of that openssh problem I think ;-) Thanks! Regards, Martin On Thu, Aug 01, 2002 at 05:03:30PM +0200, Dirk Hartmann wrote: > Hi, > > --On Thursday, August 01, 2002 16:50:16 +0200 Martin Hermanowski > <[EMAIL PROTECTED]> wrote: > > >an apt-get update && apt-get upgrade -dy today brought me new > >libpng[23]-Packages from security.debian.org for woody/stable, > >but I can't find an advisory for them. What changes were made? > > maybe you should subscribe to debian-security-announce too. > > Here the Head of the Advisory: > > - > ----------------------------------------------------------------------- > --- > Debian Security Advisory DSA 140-1 > [EMAIL PROTECTED] > http://www.debian.org/security/ Martin > Schulze > August 1st, 2002 > - > ----------------------------------------------------------------------- > --- > > Package : libpng2, libpng3 > Vulnerability : buffer overflow > Problem-Type : remote > Debian-specific: no > > Developers of the PNG library have fixed a buffer overflow in the > progressive reader when the PNG datastream contains more IDAT data > than indicated by the IHDR chunk. Such deliberately malformed > datastreams would crash applications which could potentially allow an > attacker to execute malicious code. Programs such as Galeon, > Konquerer and various others make use of these libraries. > > .... > ------------------------------------------------- > > Dirk > > -- > Dirk Hartmann, Netzworkadministration #PGP-Key available > Verlag Heinz Heise GmbH & Co KG, Helstorferstr. 7, D-30625 Hannover > E-Mail: [EMAIL PROTECTED] - Tel.: +49 511 5352 494 - FAX: +49 511 5352 479 > --------------------------------------------------------------------- > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact > [EMAIL PROTECTED] > >
