-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.7 Date: Thu, 19 Jun 2003 00:45:02 +0200 Source: tiger Binary: tiger Architecture: hppa Version: 2.2.4-23 Distribution: stable Urgency: medium Maintainer: Debian/HPPA non-US Build Daemon Changed-By: Javier Fernandez-Sanguino Pen~a Description: tiger - Report system security vulnerabilities Closes: 157695 170461 172377 Changes: tiger (2.2.4-23) stable; urgency=medium . * Upload to the proposed-updates queue to be considered by the Release Manager. This version generated for the benefit of stable users (which are still encouraged to use 3.2 since it fixes many more bugs and can be backported easily, but still). This package fixes some open (and important) bugs including a security bug and also updates data (DSA listing) to latest available information. Bugs fixed: * Fixed buffer overflow discovered by Steve Grub in realpath.c this might be able to be locally exploited if a user can make a _very_ long path in the system but it might be difficult to pull off local privilege escalation with this one. Still, worth fixing. The fix has been backported from the 3.2 version. * Fixed the installation so all scripts are set as executable (I'm not incorporating all the Makefile changes done on 3.2 but it's now better) this has the side effect of now setting check_listeningprocs executable and properly installing check_sendmail (Closes: #157695, #172377) * No longer depends on essential packages as per policy, since there are no known versioned dependancies (there are for the 3.x release) for any of them (Closes: #170461) * Updated deb_advisories to include all the latest Debian Security Advisories so that the deb_checkadvisories check makes sense (was over a year out of date). Notice that, without this update the deb_checkadvisories is useless. This check is still useful for those running a system without internet access (i.e. cannot check updates at security.debian.org). If there is a new release of the CD images this might turn out useful for users updating through CD. Files: 85195fc03ecf4da153e584da503047b1 208536 admin optional tiger_2.2.4-23_hppa.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2 (GNU/Linux) iD8DBQE+8yWkzN/kmwoKyScRApXPAKCFeli0ulig00wiVAHYLF97c/a31ACgjSmR Q701CjBLsoHwA/aK8LlD6TA= =Azs5 -----END PGP SIGNATURE-----