[prev in list] [next in list] [prev in thread] [next in thread] 

List:       debian-security
Subject:    Re: perl regex vulnerability - debian - pcre only?
From:       Florian Weimer <fw () deneb ! enyo ! de>
Date:       2007-11-06 20:12:03
Message-ID: 87zlxrkub0.fsf () mid ! deneb ! enyo ! de
[Download RAW message or body]

> http://security-tracker.debian.net/tracker/CVE-2007-5116
>
> is uninformative, but that is cve id that redhat and others are
> referring to.

I've added some more information, including a link to the upstream patch
(whose essence applies cleanly to the versions in sarge and etch).

As a side effect of the problem described in

  <http://lists.debian.org/debian-devel-announce/2007/11/msg00001.html>

building security updates involves even more manual work than usual.  I
can't say for sure when we will release the update, I'm afraid, but I
hope it won't take much longer.


-- 
To UNSUBSCRIBE, email to debian-security-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

[prev in list] [next in list] [prev in thread] [next in thread]