Bug#377047: [Pkg-openldap-devel] Bug#377047: slapd: Vulnerable to
CVE-2006-2754 (buffer overflow)
Torsten Landschoff
torsten at debian.org
Sat Jul 8 15:42:23 UTC 2006
Hi Martin,
On Thu, Jul 06, 2006 at 01:05:15PM +0200, Martin Pitt wrote:
> There is a buffer overflow in st.c. Please see
>
> http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2754
>
> for links to more detailled descriptions and a pointer to the upstream
> CVS patch.
>
> Please mention the CVE number in the changelog when you fix this.
How is the current procedure for security uploads (RTFM pointer is good
enough)? We can surely provide an updated package for sarge but I fear
duplicated work with the security team.
@Matthijs: I can build an updated sarge package by tomorrow I think, any
objections?
Greetings
Torsten
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://lists.alioth.debian.org/pipermail/pkg-openldap-devel/attachments/20060708/84d423ea/attachment.pgp
More information about the Pkg-openldap-devel
mailing list