Sun | Mon | Tue | Wed | Thu | Fri | Sat |
---|---|---|---|---|---|---|
1 | 2 | 3 | 4 | |||
5 | 6 | 7 | 8 | 9 | 10 | 11 |
12 | 13 | 14 | 15 | 16 | 17 | 18 |
19 | 20 | 21 | 22 | 23 | 24 | 25 |
26 | 27 | 28 | 29 | 30 |
Open Source @ Consolidated Braincells Inc.
This is a weblog I'm keeping about my work on Debian and any other useful Debian related info I come across. It is not meant to compete with other news sources like Debian Weekly News or Debian Planet. Mostly it is just a way for me to classify and remember all the random bits of information that I have floating around me. I thought maybe by using a blog it could be of some use to others too. Btw. "I" refers to Jaldhar H. Vyas, Debian developer for over 5 years. If you want to know more about me, my home page is here.
The name? Debain is a very common misspelling of Debian and la salle de bains means bathroom in French.
If you have a comment to make on something you read here, feel free to write to me at jaldhar@debian.org.
You can get an rss 0.91 feed of any page in the
blog by appending ?flav=rss
to the end of the URL.
I've made some new .debs of pine available.
A buffer overflow exists in the way unpatched versions of Pine prior to 4.57 handle the 'message/external-body' type. The Common Vulnerabilities and Exposures project (cve.mitre.org/) has assigned the name CAN-2003-0720 to this issue.
An integer overflow exists in the Pine MIME header parsing in versions prior to 4.57. The Common Vulnerabilities and Exposures project (cve.mitre.org/) has assigned the name CAN-2003-0721 to this issue.
Both of these flaws could be exploited by a remote attacker sending a carefully crafted email to the victim that will execute arbitrary code when the email is opened using Pine. So please upgrade ASAP.