* SECURITY: typespeed (CVE-2006-1515)
@ 2006-06-19 20:52 Yaakov S (Cygwin Ports)
2006-06-22 21:57 ` Lapo Luchini
0 siblings, 1 reply; 3+ messages in thread
From: Yaakov S (Cygwin Ports) @ 2006-06-19 20:52 UTC (permalink / raw)
To: cygwin-apps
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
A buffer overflow has been discovered in the addnewword() function of
Typespeed's network code.
Workaround: Don't run typespeed in multiplayer mode.
Solution: Upgrade to >= 0.5.1. (0.5.0 fixed the security bug, but
introduced some functionality bugs fixed in 0.5.1.)
More information:
http://security.gentoo.org/glsa/glsa-200606-20.xml
http://bugs.gentoo.org/show_bug.cgi?id=135071
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1515
Yaakov
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.1 (Cygwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFElw5+piWmPGlmQSMRAkUtAJwKqWWpoTJGGrx/1UN6pQ7akZYvoQCghifc
RxjBwGdU+dLXo4vXo62rk9I=
=pZ7E
-----END PGP SIGNATURE-----
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: SECURITY: typespeed (CVE-2006-1515)
2006-06-19 20:52 SECURITY: typespeed (CVE-2006-1515) Yaakov S (Cygwin Ports)
@ 2006-06-22 21:57 ` Lapo Luchini
2006-06-22 22:51 ` Yaakov S (Cygwin Ports)
0 siblings, 1 reply; 3+ messages in thread
From: Lapo Luchini @ 2006-06-22 21:57 UTC (permalink / raw)
To: [ML] CygWin-Apps
Yaakov S (Cygwin Ports) wrote:
> Solution: Upgrade to >= 0.5.1. (0.5.0 fixed the security bug, but
> introduced some functionality bugs fixed in 0.5.1.)
It seems I will have a nice cozy package-preparing week-end ;-)
(typespeed, rsync, monotone...)
Lapo
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: SECURITY: typespeed (CVE-2006-1515)
2006-06-22 21:57 ` Lapo Luchini
@ 2006-06-22 22:51 ` Yaakov S (Cygwin Ports)
0 siblings, 0 replies; 3+ messages in thread
From: Yaakov S (Cygwin Ports) @ 2006-06-22 22:51 UTC (permalink / raw)
To: cygwin-apps
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Lapo Luchini wrote:
> It seems I will have a nice cozy package-preparing week-end ;-)
>
> (typespeed, rsync, monotone...)
<cough>gamin</cough> :-D
Yaakov
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.1 (Cygwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFEmygGpiWmPGlmQSMRAotuAKC6MZte4XrMsvfM7C2UHBdxIVRFswCghY6v
i/0MLIaHcbexUCMeZG6toPM=
=Ef4p
-----END PGP SIGNATURE-----
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2006-06-22 22:51 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2006-06-19 20:52 SECURITY: typespeed (CVE-2006-1515) Yaakov S (Cygwin Ports)
2006-06-22 21:57 ` Lapo Luchini
2006-06-22 22:51 ` Yaakov S (Cygwin Ports)
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).