-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.7 Date: Wed, 17 Jan 2001 23:39:09 -0800 Source: splitvt Binary: splitvt Architecture: source i386 Version: 1.6.5-2 Distribution: unstable Urgency: high Maintainer: Joey Hess <joeyh@debian.org> Changed-By: Joey Hess <joeyh@debian.org> Description: splitvt - run two programs in a split screen Changes: splitvt (1.6.5-2) unstable; urgency=HIGH . * New upstream version, with a format string hole fixed, and several possible buffer overfllows fixed. - Of those, only (I think) the format string attack and two of the buffer overflows can affect the debian package. - Luckily, my last release of the package back in June 2000 made it only need to be sgid tty. - Total possible impact: attacker could possibly crack the tty group. * Goofed up version number because this source is already in the archives. Files: 21f702c104077b120c3b277c0c6c7124 606 utils optional splitvt_1.6.5-2.dsc 4746fe48fbba70653f939e49eaaf4798 5523 utils optional splitvt_1.6.5-2.diff.gz aee21d106429e37f7313dcafb7eec9db 32090 utils optional splitvt_1.6.5-2_i386.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE6aNU52tp5zXiKP0wRAouXAKCR/VOxd2supaQSeFQqO3XlxkwjhQCgkvTH csHTQiXvAObcc/FcAEXiVvc= =xB4a -----END PGP SIGNATURE----- Installed: splitvt_1.6.5-2.dsc to pool/main/s/splitvt/splitvt_1.6.5-2.dsc splitvt_1.6.5-2_i386.deb to pool/main/s/splitvt/splitvt_1.6.5-2_i386.deb splitvt_1.6.5-2.diff.gz to pool/main/s/splitvt/splitvt_1.6.5-2.diff.gz