From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 23169 invoked from network); 11 Nov 2004 23:06:30 -0000 Received: from unknown (HELO lists.gnu.org) (199.232.76.165) by sourceware.org with SMTP; 11 Nov 2004 23:06:30 -0000 Received: from localhost ([127.0.0.1] helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.33) id 1CSO6P-0003SS-V6 for listarch-gnats-announce@sources.redhat.com; Thu, 11 Nov 2004 18:11:42 -0500 Received: from mailman by lists.gnu.org with tmda-scanned (Exim 4.33) id 1CSO3P-00037R-LI for info-gnats@gnu.org; Thu, 11 Nov 2004 18:08:35 -0500 Received: from exim by lists.gnu.org with spam-scanned (Exim 4.33) id 1CSO3O-00036n-CQ for info-gnats@gnu.org; Thu, 11 Nov 2004 18:08:34 -0500 Received: from [199.232.76.173] (helo=monty-python.gnu.org) by lists.gnu.org with esmtp (Exim 4.33) id 1CSO3O-00036K-2G for info-gnats@gnu.org; Thu, 11 Nov 2004 18:08:34 -0500 Received: from [199.199.210.160] (helo=chef.nerp.net) by monty-python.gnu.org with esmtp (Exim 4.34) id 1CSNtH-00023T-1X for info-gnats@gnu.org; Thu, 11 Nov 2004 17:58:07 -0500 Received: from skuld.wookimus.net (c-66-41-156-164.mn.client2.attbi.com [66.41.156.164]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by chef.nerp.net (Postfix) with ESMTP id B557D3401A for ; Thu, 11 Nov 2004 16:58:05 -0600 (CST) Received: by skuld.wookimus.net (Postfix, from userid 1000) id 21CD11807; Thu, 11 Nov 2004 16:57:49 -0600 (CST) Date: Thu, 11 Nov 2004 23:06:00 -0000 From: Chad Walstrom To: info-gnats@gnu.org Message-ID: <20041111225749.GU17174@wookimus.net> Mail-Followup-To: info-gnats@gnu.org Mime-Version: 1.0 X-Operating-System: Linux skuld 2.6.8-1-k7 X-GnuPG-Fingerprint: B4AB D627 9CBD 687E 7A31 1950 0CC7 0B18 206C 5AFD User-Agent: Mutt/1.5.6+20040722i X-Mailman-Approved-At: Thu, 11 Nov 2004 18:09:19 -0500 Subject: New Release: 4.0.1 -- Fixes Potential Security Vulnerability X-BeenThere: info-gnats@gnu.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: GNU GNATS announcements List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: multipart/mixed; boundary="===============2123320387==" Sender: info-gnats-bounces+listarch-gnats-announce=sources.redhat.com@gnu.org Errors-To: info-gnats-bounces+listarch-gnats-announce=sources.redhat.com@gnu.org X-SW-Source: 2004/txt/msg00003.txt.bz2 --===============2123320387== Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="8RsyD0KswhpoK73Z" Content-Disposition: inline --8RsyD0KswhpoK73Z Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Content-length: 857 The GNU GNATS Development Team has released a new version of GNATS, the Problem Report Management System. This release, 4.0.1 is a patch release to address a potential security vulnerability with string formatting in gnats/misc.c that was described in: http://lists.gnu.org/archive/html/bug-gnats/2004-06/msg00028.html http://www.zone-h.org/advisories/read/id=3D4889 http://cve.mitre.org/cgi-bin/cvename.cgi?name=3DCAN-2004-0623 http://www.debian.org/security/2004/dsa-590 Additional string formatting fixes were applied to avoid buffer overflows in constructing formatted date strings. You may download GNATS 4.0.1 from ftp://ftp.gnu.org/pub/gnu/gnats/ or http://savannah.gnu.org/download/gnats (temporarily). --=20 Chad Walstrom http://www.wookimus.net/ assert(expired(knowledge)); /* core dump */ --8RsyD0KswhpoK73Z Content-Type: application/pgp-signature; name="signature.asc" Content-Description: Digital signature Content-Disposition: inline Content-length: 189 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (GNU/Linux) iD4DBQFBk+5tDMcLGCBsWv0RAqGnAJwPbC4HqDxBmwq7LCW3RazbD0/x7gCUC/GA O5rqqJj9f46VvqSoHHT3Nw== =QvY7 -----END PGP SIGNATURE----- --8RsyD0KswhpoK73Z-- --===============2123320387== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline Content-length: 140 _______________________________________________ Info-gnats mailing list Info-gnats@gnu.org http://lists.gnu.org/mailman/listinfo/info-gnats --===============2123320387==--