Rev 38 | Go to most recent revision | Show entire file | Ignore whitespace | Details | Blame | Last modification | View Log | RSS feed
| Rev 38 | Rev 39 | ||
|---|---|---|---|
| Line 1... | Line 1... | ||
| 1 | libspf2 (1.2.5.dfsg-5+lenny2) testing-security; urgency=high |
1 | libspf2 (1.2.5.dfsg-5+lenny2) testing-security; urgency=high |
| 2 | 2 | ||
| 3 | * 51_actually-keep-track-of-max_var_len.dpatch: Fix possible DoS with |
3 | * 51_actually-keep-track-of-max_var_len.dpatch: Fix possible DoS with |
| 4 | long sender addresses. Thanks to Hannah Schroeter. |
4 | long sender addresses. Thanks to Hannah Schroeter. |
| - | 5 | * 52_compile_bufoverflow.dpatch: Prevent buffer overflows in SPF_compile |
|
| - | 6 | from mechanisms with huge domainspecs. Workaround suggested by |
|
| - | 7 | upstream. Limits the size of mechanisms and modifiers, but that |
|
| - | 8 | shouldn't be a problem in practice. |
|
| 5 | 9 | ||
| 6 | -- Magnus Holmgren <holmgren@debian.org> Tue, 04 Nov 2008 21:56:56 +0100 |
10 | -- Magnus Holmgren <holmgren@debian.org> Wed, 05 Nov 2008 10:34:13 +0100 |
| 7 | 11 | ||
| 8 | libspf2 (1.2.5.dfsg-5+lenny1) testing-security; urgency=high |
12 | libspf2 (1.2.5.dfsg-5+lenny1) testing-security; urgency=high |
| 9 | 13 | ||
| 10 | * [CVE-2008-2469] 50_dns_resolv_bufoverflow.dpatch: Fix buffer overflows |
14 | * [CVE-2008-2469] 50_dns_resolv_bufoverflow.dpatch: Fix buffer overflows |
| 11 | in DNS response parsing. |
15 | in DNS response parsing. |