-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Thu, 30 Dec 2004 09:56:37 +0000
Source: ytalk
Binary: ytalk
Architecture: source i386
Version: 3.1.6-1
Distribution: unstable
Urgency: medium
Maintainer: Philipp Kern <phil@philkern.de>
Changed-By: Philipp Kern <phil@philkern.de>
Description:
 ytalk - Enhanced talk program with X support
Changes:
 ytalk (3.1.6-1) unstable; urgency=medium
 .
   * New upstream release.
   * Security fix:
     It turns out it was possible to write 44 bytes of arbitrary data to
     YTalk memory when running the auto-invite daemon (off by default),
     due to a nasty sprintf() call and a buffer overflow.
 .
     I didn't really investigate how much nastiness you might be able to
     accomplish with these 44 bytes, but I did confirm that YTalk can be
     crashed by anyone who knows the auto-invite daemon's TCP port number.
     -- Andreas Kling <keso@klister.net>
Files:
 bb9407db836391c970af4992dbbd4846 716 net optional ytalk_3.1.6-1.dsc
 d3da905029e7dda52d3012365ecd2c47 110046 net optional ytalk_3.1.6.orig.tar.gz
 0c7046dff744686a941668366d547a63 7686 net optional ytalk_3.1.6-1.diff.gz
 3eaaf186ab3e31ad395155e7948183dc 45112 net optional ytalk_3.1.6-1_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)

iD8DBQFB099s1OXtrMAUPS0RAtBXAJ9tfFz8GAJZ/j5jVj6InmKsvLMDsQCglQTB
zgZIg2KMo9v697QlGNuqZlA=
=UPcZ
-----END PGP SIGNATURE-----

Accepted:
ytalk_3.1.6-1.diff.gz
  to pool/main/y/ytalk/ytalk_3.1.6-1.diff.gz
ytalk_3.1.6-1.dsc
  to pool/main/y/ytalk/ytalk_3.1.6-1.dsc
ytalk_3.1.6-1_i386.deb
  to pool/main/y/ytalk/ytalk_3.1.6-1_i386.deb
ytalk_3.1.6.orig.tar.gz
  to pool/main/y/ytalk/ytalk_3.1.6.orig.tar.gz