Full Disclosure mailing list archives
Re: [SECURITY] [DSA 1685-1] New uw-imap packages fix multiple vulnerabilities
From: - o z - <osgo () hotmail com>
Date: Fri, 12 Dec 2008 11:36:19 -0800
On Dec 11, 2008, at 10:36 PM, Steffen Joeris wrote:
Debian Security Advisory DSA-1685-1 security () debian orghttp://www.debian.org/security/ Steffen JoerisDecember 12, 2008 http://www.debian.org/security/faq- ------------------------------------------------------------------------Package : uw-imap Vulnerability : buffer overflows, null pointer dereference Problem type : remote Debian-specific: no CVE Id(s) : CVE-2008-5005 CVE-2008-5006 Two vulnerabilities have been found in uw-imap, an IMAP implementation. The Common Vulnerabilities and Exposures project identifies the following problems:
This alert is an excellent example of what I've been ranting about, e.g.:
Re: [Full-disclosure] [SECURITY] [DSA 1685-1] New uw-imap packages fix multiple vulnerabilities
-------------------------> ^^^^^^^^^^^^^^^^^^^^^^^^24-25 characters that could have been appended to the end of the subject line instead of
the beginning.In a perfect world, the message would read like this, with "[Full- disclosure]" abbreviated to "[FD]":
"Re: [FD] New uw-imap packages fix multiple vulnerabilities [SECURITY] [DSA 1685-1]"
Oi, I know this makes too much sense, sorry. -oz
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- [SECURITY] [DSA 1685-1] New uw-imap packages fix multiple vulnerabilities Steffen Joeris (Dec 12)
- Re: [SECURITY] [DSA 1685-1] New uw-imap packages fix multiple vulnerabilities - o z - (Dec 12)