-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.7 Date: Wed, 30 Jul 2003 22:52:05 +0100 Source: man-db Binary: man-db Architecture: source i386 Version: 2.4.1-11 Distribution: unstable Urgency: high Maintainer: Colin Watson <cjwatson@debian.org> Changed-By: Colin Watson <cjwatson@debian.org> Description: man-db - The on-line manual pager Closes: 203475 Changes: man-db (2.4.1-11) unstable; urgency=high . * Fix several security problems reported on BugTraq (closes: #203475): - Limit sscanf() calls to the appropriate buffer size while reading configuration file. - Allocate strings dynamically while finding the ultimate source of man pages, avoiding a couple of buffer overflows. - Die gracefully if MANPATH contains too many elements, as a stopgap measure until proper list handling can be added. Files: 031a1489b366d1aba2ecd3880e1f43dc 659 doc important man-db_2.4.1-11.dsc fd284d0886f97c32e7bec9c325b0c5ea 63062 doc important man-db_2.4.1-11.diff.gz 69cffcf63a9128fde1912cb58c258af5 529622 doc important man-db_2.4.1-11_i386.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) Comment: Colin Watson <cjwatson@debian.org> -- Debian developer iD8DBQE/KEs89t0zAhD6TNERAnrwAJwOAELBsRRoP6Jnq8eYBdbRLfR/oACff9a+ eB5onEUfr0EaGjDRumcDjMg= =CgBE -----END PGP SIGNATURE----- Accepted: man-db_2.4.1-11.diff.gz to pool/main/m/man-db/man-db_2.4.1-11.diff.gz man-db_2.4.1-11.dsc to pool/main/m/man-db/man-db_2.4.1-11.dsc man-db_2.4.1-11_i386.deb to pool/main/m/man-db/man-db_2.4.1-11_i386.deb -- To UNSUBSCRIBE, email to debian-devel-changes-request@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org