CVE-2005-3345 is not patched in breezy version of rssh
Bug #53120 reported by
Dave Hall
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| rssh (Ubuntu) |
Invalid
|
Undecided
|
Unassigned | ||
| Breezy |
Invalid
|
Low
|
Unassigned | ||
Bug Description
Hi,
While trying to track down a fix for rssh segfaulting on AMD64 is came across this http://
It is patched in debian but not ubuntu - see http://
I checked and it is fixed in dapper. Given this is a security related package I would consider this pretty serious, even though it is in the universe.
Cheers
Dave
CVE References
Revision history for this message
| Martin Pitt (pitti) wrote | #1 |
| Changed in rssh: | |
| importance: | Untriaged → Low |
| status: | Unconfirmed → Confirmed |
Revision history for this message
| Kees Cook (kees) wrote | #2 |
| Changed in rssh: | |
| importance: | Undecided → Low |
| status: | Unconfirmed → Confirmed |
| importance: | Low → Undecided |
| status: | Confirmed → Rejected |
Revision history for this message
| Marco Rodrigues (gothicx) wrote | #3 |
| Changed in rssh: | |
| status: | Confirmed → Rejected |
To post a comment you must log in.
If someone prepares and tests an updated package and attaches a debdiff, I will review and upload it.