[Pkg-shadow-devel] [marek@olmar.poznan.pl: Re: SpamAssassin DOS-Fix anytime soon ?]
Nicolas François
nicolas.francois@centraliens.net
Fri, 24 Jun 2005 12:46:11 +0200
Hello,
I'm forwarding a mail from debian-security.
http://lists.debian.org/debian-security/2005/06/msg00118.html
Do you know of any security issue on su?
Is it handled by the security team, and not present in the BTS?
IMHO, it is just a typo and Marek Olejniczak is probably speaking about
the sudo package, which has a security bug for something like 6 days.
----- Forwarded message from Marek Olejniczak <marek@olmar.poznan.pl> -----
Authentication-Results: mta141.mail.dcn.yahoo.com
from=olmar.poznan.pl; domainkeys=neutral (no sig)
Date: Thu, 23 Jun 2005 15:52:14 +0200 (CEST)
From: Marek Olejniczak <marek@olmar.poznan.pl>
To: debian-security@lists.debian.org
Subject: Re: SpamAssassin DOS-Fix anytime soon ?
X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00 autolearn=ham
version=3.0.4
On Thu, 23 Jun 2005 iso@kapsobor.de wrote:
[...]
>so my question is: why has the fix not been released yet (after 7 days)?
>after all, a remotely exploitable bug in most mailreceiving systems should
>have a rather high priority.
There is also a bug in su package which is since 6 days not fixed. Hallo,
security team, wake up! Debian Sarge is buggy! Sarge is dangerous.
[...]
----- End forwarded message -----
Kind Regards,
--
Nekral