| 1 |
On Wednesday 20 August 2003 00:47, Patrick Lauer wrote: |
| 2 |
[snip] |
| 3 |
> short summary: |
| 4 |
> all emule, lmule and xmule versions are vulnerable to buffer |
| 5 |
> overflows including execution of malicious code. |
| 6 |
> |
| 7 |
> xmule 1.4.3 (portage current) is very vulnerable. |
| 8 |
> xmule 1.5.6 (latest from xmule website) does not fix all known |
| 9 |
> vulnerabilities. |
| 10 |
> |
| 11 |
> Please discourage the use of lmule and xmule until fixed versions are |
| 12 |
> available. |
| 13 |
[snap] |
| 14 |
|
| 15 |
I added xmule-1.6.0 to the tree minutes ago, so just re-sync. |
| 16 |
It fixes all known security issues (at least according to un-thesis) and |
| 17 |
I removed all older versions which had security exploits. |
| 18 |
|
| 19 |
-- |
| 20 |
Rainer Groesslinger |
| 21 |
http://dev.gentoo.org/~scandium/ |
Archives