[ddh-sys] apt-listchanges: changelogs for less

root root op ddh.nl
Do Jan 14 10:08:31 CET 2010


krb5 (1.6.dfsg.4~beta1-5lenny2) stable-security; urgency=high

  * cve-2009-4212, MIT-KRB5-SA-2009-004:  Integer underflows in AES and
    RC4 decriptions.  This can definitely lead to a DOS attack and
    potentially may leae to execution of unexpected code.  It's
    potentially possible that arbitrary code could be executed, although
    much more likely that permuted heap contents or buffers not under
    attacker control will be executed.

 -- Sam Hartman <hartmans op debian.org>  Sun, 03 Jan 2010 15:31:06 -0500

openssl (0.9.8g-15+lenny6) stable-security; urgency=low

  * Clean up zlib state so that it will be reinitialized on next use and
    not cause a memory leak.  (CVE-2009-4355)

 -- Kurt Roeckx <kurt op roeckx.be>  Sun, 10 Jan 2010 21:10:15 +0100




More information about the ddh-sys mailing list