Clamav CVE-2006-0162

2006-01-17 Thread Andrew Perry
I am wondering what is being done to patch the security vulnerability in Clam-AV that was recently announced.  I don't see anything on the security page and Debian is listed as affected at: http://www.securityfocus.com/bid/16191

server problems- strange portsa nd processes

2006-01-17 Thread edgar
Hello. After changing some settings for a domain in Apache it couldn't be started again. The error message said: "Starting web server: Apache2(98)Address already in use: make_sock: could not bind to address 0.0.0.0:8056 no listening sockets available, shutting down Unable to open logs We couldn't

Re: [SECURITY] [DSA 945-1] New antiword packages fix insecure temporary file creation

2006-01-17 Thread Stefan Wiens
* Martin Schulze wrote: > -- > Debian Security Advisory DSA 945-1 [EMAIL PROTECTED] > http://www.debian.org/security/ Martin Schulze > January 17th, 2006 htt

Re: [SECURITY] [DSA 945-1] New antiword packages fix insecure temporary file creation

2006-01-17 Thread Florian Weimer
* Jeroen van Wolffelaar: > It's weird that antiword's security update was seeminly[1] based on the > testing version, rather than the stable version: > > antiword | 0.35-1 |stable | source > antiword | 0.35-2 | testing | source > [1] Looking exclusively at the version nu

Re: [SECURITY] [DSA 945-1] New antiword packages fix insecure temporary file creation

2006-01-17 Thread Steve Kemp
On Tue, Jan 17, 2006 at 07:59:45PM +0100, Florian Weimer wrote: > AFAICS, this rule is quite reasonable, so I assume that this antiword > version is just a minor glitch. Correct? Yes. My fault entirely. It actually took me a while to see what was wrong there - usually I just add 'sargeN' to

Re: [SECURITY] [DSA 945-1] New antiword packages fix insecure temporary file creation

2006-01-17 Thread Jeroen van Wolffelaar
On Tue, Jan 17, 2006 at 07:59:45PM +0100, Florian Weimer wrote: > * Martin Schulze: > > > For the stable distribution (sarge) these problems have been fixed in > > version 0.35-2sarge1. > > I would have expected a version like 0.35-1sarge1. The version you > have chosen violated an implicit cons

Re: [SECURITY] [DSA 945-1] New antiword packages fix insecure temporary file creation

2006-01-17 Thread Florian Weimer
* Martin Schulze: > For the stable distribution (sarge) these problems have been fixed in > version 0.35-2sarge1. I would have expected a version like 0.35-1sarge1. The version you have chosen violated an implicit constraint fulfilled by most (all?) security updates: the version of a package upd