[ddh-sys] apt-listchanges: changelogs for less
root
root op ddh.nl
Do Jan 14 10:08:31 CET 2010
krb5 (1.6.dfsg.4~beta1-5lenny2) stable-security; urgency=high
* cve-2009-4212, MIT-KRB5-SA-2009-004: Integer underflows in AES and
RC4 decriptions. This can definitely lead to a DOS attack and
potentially may leae to execution of unexpected code. It's
potentially possible that arbitrary code could be executed, although
much more likely that permuted heap contents or buffers not under
attacker control will be executed.
-- Sam Hartman <hartmans op debian.org> Sun, 03 Jan 2010 15:31:06 -0500
openssl (0.9.8g-15+lenny6) stable-security; urgency=low
* Clean up zlib state so that it will be reinitialized on next use and
not cause a memory leak. (CVE-2009-4355)
-- Kurt Roeckx <kurt op roeckx.be> Sun, 10 Jan 2010 21:10:15 +0100
More information about the ddh-sys
mailing list