Rev 38 | Go to most recent revision | Show entire file | Ignore whitespace | Details | Blame | Last modification | View Log | RSS feed
Rev 38 | Rev 39 | ||
---|---|---|---|
Line 1... | Line 1... | ||
1 | libspf2 (1.2.5.dfsg-5+lenny2) testing-security; urgency=high |
1 | libspf2 (1.2.5.dfsg-5+lenny2) testing-security; urgency=high |
2 | 2 | ||
3 | * 51_actually-keep-track-of-max_var_len.dpatch: Fix possible DoS with |
3 | * 51_actually-keep-track-of-max_var_len.dpatch: Fix possible DoS with |
4 | long sender addresses. Thanks to Hannah Schroeter. |
4 | long sender addresses. Thanks to Hannah Schroeter. |
- | 5 | * 52_compile_bufoverflow.dpatch: Prevent buffer overflows in SPF_compile |
|
- | 6 | from mechanisms with huge domainspecs. Workaround suggested by |
|
- | 7 | upstream. Limits the size of mechanisms and modifiers, but that |
|
- | 8 | shouldn't be a problem in practice. |
|
5 | 9 | ||
6 | -- Magnus Holmgren <holmgren@debian.org> Tue, 04 Nov 2008 21:56:56 +0100 |
10 | -- Magnus Holmgren <holmgren@debian.org> Wed, 05 Nov 2008 10:34:13 +0100 |
7 | 11 | ||
8 | libspf2 (1.2.5.dfsg-5+lenny1) testing-security; urgency=high |
12 | libspf2 (1.2.5.dfsg-5+lenny1) testing-security; urgency=high |
9 | 13 | ||
10 | * [CVE-2008-2469] 50_dns_resolv_bufoverflow.dpatch: Fix buffer overflows |
14 | * [CVE-2008-2469] 50_dns_resolv_bufoverflow.dpatch: Fix buffer overflows |
11 | in DNS response parsing. |
15 | in DNS response parsing. |