On Thu, Aug 26, 1999 at 09:47:22AM -0700, Aleph One wrote: > ---------------------------------------------------------------------------- > Debian Security Advisory securityat_private > http://www.debian.org/security/ Martin Schulze > August 26, 1999 > ---------------------------------------------------------------------------- > > Red Hat has recently released a Security Advisory (RHSA-1999:030-01) > covering a buffer overflow in the vixie cron package. Debian has > discovered this bug two years ago and fixed it. Therefore versions in > both, the stable and the unstable, distributions of Debian are not > vulnerable to this problem.. Does anyone know if Debian never sent the fix to Paul Vixie, or if it was sent and Paul "missed it"? Even in the second case, unless Paul repeatedly refused the patch, it'd have been nice for the Debian maintainer to make sure that the patch was incorporated in the main source code, not just in Debian... Marc -- Microsoft is to software what McDonalds is to gourmet cooking Home page: http://marc.merlins.org/ (friendly to non IE browsers) Finger marc_fat_private for PGP key and other contact information
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:59:55 PDT