|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Toni Mueller (openbsd-ports
oeko.net)
Date: Mon Aug 04 2008 - 11:39:55 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Hi,
On Wed, 30.07.2008 at 11:16:04 +1000, Damien Miller <djmmindrot.org> wrote:
> > CVE-2007-2052
>
> fixed in python-2.5.1
>
> > CVE-2007-4965
>
> ditto
thanks!
> > CVE-2008-1679 CVE-2008-1721 CVE-2008-1887
>
> These are present in 2.5.2 and we should fix them prior to release.
> I'll look at it.
I can "easily" loot patches for these problems from Debian (2.5.2-10,
ie. "latest"):
CVE-2007-4965 CVE-2008-1679 CVE-2008-2315
But I (yet) don't know about the others, and a quick glance into
upstream's SVN is... confusing, and in their tracker, I also don't find
what I'm looking for. But then, it may be me - I'm unfamiliar with
their setup and procedures. :(
I've attached the three mentioned patches, but (of course) can't vouch
for them.
Kind regards,
--Toni++
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFIlzDafoEUoHXLGtIRAiiXAJ44CvFaHOF7Haf9uJkLggydMXFfxwCgvFmv
MCSobvoZO1rg8vDGqygT6a4=
=BAaZ
-----END PGP SIGNATURE-----
- text/x-diff attachment: CVE-2007-4965.patch
- text/x-diff attachment: CVE-2008-1679.patch
- text/x-diff attachment: CVE-2008-2315.patch
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]