1 |
On Wednesday 20 August 2003 00:47, Patrick Lauer wrote: |
2 |
[snip] |
3 |
> short summary: |
4 |
> all emule, lmule and xmule versions are vulnerable to buffer |
5 |
> overflows including execution of malicious code. |
6 |
> |
7 |
> xmule 1.4.3 (portage current) is very vulnerable. |
8 |
> xmule 1.5.6 (latest from xmule website) does not fix all known |
9 |
> vulnerabilities. |
10 |
> |
11 |
> Please discourage the use of lmule and xmule until fixed versions are |
12 |
> available. |
13 |
[snap] |
14 |
|
15 |
I added xmule-1.6.0 to the tree minutes ago, so just re-sync. |
16 |
It fixes all known security issues (at least according to un-thesis) and |
17 |
I removed all older versions which had security exploits. |
18 |
|
19 |
-- |
20 |
Rainer Groesslinger |
21 |
http://dev.gentoo.org/~scandium/ |