Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [day] [month] [year] [list]
Date: Thu, 19 May 2011 00:56:22 +0400
From: Solar Designer <>
Subject: LILO 23.2

Vasiliy - I suggest that you update Owl-current to LILO 23.2 before we
move to Syslinux.  This will enable me to get this update into
3.0-stable (after brief testing in current).  The message below mentions
a security issue in a script, but we don't appear to package that script.

(It also mentions a libpcap issue, but we need to update libpcap before
it makes sense for us to deal with minor issues like that.  To approach
this after toolchain update.)

----- Forwarded message from Moritz Muehlenhoff <> -----

Date: Wed, 18 May 2011 22:06:33 +0200
From: Moritz Muehlenhoff <>
Subject: [oss-security] CVE requests: ffmpeg/widelands/jifty::db/lilo/libpcap

please assign CVE IDs for the following issues tracked in the Debian Security Tracker:

1. ffmpeg/libav out of array write in AMV parsing;a=commit;h=89f903b3d5ec38c9c5d90fba7e626fa0eda61a32

2. widelands directory traversal

3. SQL injection in Jifty::DBI

4. lilo: lilo-uuid-diskid makes lilo.conf world-readable

5. libpcap packet truncation


----- End forwarded message -----

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.