Vulnerability Development mailing list archives
Re: New bugs discovered!
From: "Alex Butcher (vuln-dev)" <vulndev () cocoa demon co uk>
Date: Mon, 19 Nov 2001 09:29:37 +0000 (GMT)
On Sun, 18 Nov 2001, Nate Amsden wrote:
[ Executive summary: this is a problem that appears to be specific to Linux distributions using obsolete versions of gzip, including Slackware 7.1 and 8.0. Other problems *may* lurk in gzip, other distros and therefore packages (including FTP servers) which make use of gzip. ]same here .. but gzip 1.2.4 :
[snip]
same results on debian 2.2r3(potato) so not all "obsolete" versions of gzip are affected..
Yeah, Debian, like Red Hat (probably others too) frequently include patches culled from mailing lists, their own code audits and so on, meaning the version isn't a completely reliable guide to determining the vulnerability or not of a given instance. This issue has arisen in the past; perhaps it's time that the folks at Debian and Red Hat started indicating more clearly that they've patched with their version numbers (add an 's' suffix for security issues, 'b' for bugfixes, 'f' for functionality, 'c' for compilation issues...)
nate
Best Regards, Alex. -- Alex Butcher Brainbench MVP for Internet Security: www.brainbench.com Berkshire, UK Is *your* company hiring UNIX/Security/Pen. testing folks? PGP/GnuPG ID:0x271fd950 http://www.cocoa.demon.co.uk/cv/
Current thread:
- New bugs discovered! vuln-dev (Nov 18)
- Re: New bugs discovered! Alex Butcher (vuln-dev) (Nov 18)
- Re: New bugs discovered! Nate Amsden (Nov 19)
- Re: New bugs discovered! Alex Butcher (vuln-dev) (Nov 19)
- Re: New bugs discovered! Roger Burton West (Nov 19)
- Re: New bugs discovered! Fabio Roccatagliata (Nov 19)
- Re: New bugs discovered! Respect (Nov 19)
- Re: New bugs discovered! Nate Amsden (Nov 19)
- Re: New bugs discovered! Alex Butcher (vuln-dev) (Nov 18)
- Re: New bugs discovered! Yaroslav Klyukin (Nov 18)
- Re: New bugs discovered! Crist J. Clark (Nov 19)
- Re: New bugs discovered! Robert Jaroszuk (Nov 19)
- Re: New bugs discovered! Naseer Bhatti (Nov 19)
- Re: New bugs discovered! Larry W. Cashdollar (Nov 18)
- Re: New bugs discovered! Syzop (Nov 19)
- Re[2]: New bugs discovered! Mariusz Mazur (Nov 19)