Subject: Re: [Fwd: mailhost daily insecurity output for Thu May 25 03:00:00
To: Geert Hendrickx <ghen@telenet.be>
From: Gilles Gravier <Gilles@Gravier.org>
List: netbsd-users
Date: 05/25/2006 13:55:26
This is a cryptographically signed message in MIME format.

--------------ms020005030600010505050303
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 8bit

Thanks!

I'll be patient. :)

Gilles.

Geert Hendrickx wrote:
> On Thu, May 25, 2006 at 10:53:07AM +0200, Gilles Gravier wrote:
>   
>> Hi!
>>
>> Running /etc/security.local:
>> Package php-4.4.2nb2 has a remote-code-execution vulnerability, see http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1990
>> Package php-4.4.2nb2 has a denial-of-service vulnerability, see http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1991
>> Package freetype2-2.1.10nb2 has a remote-code-execution vulnerability, see http://secunia.com/advisories/20100/
>> Package cscope-15.5 has a arbitrary-code-execution vulnerability, see http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-2541
>>
>> Any idea when fixes are planned? PHP has been in that state for some 
>> time already... .(
>>     
>
> PHP 4.4.3 RC1 is planned for 30/05...  
>
> 	Geert
>   

-- 
/*Gilles Gravier*/ *=* *Gilles@Gravier.org* <mailto:Gilles@Gravier.org> 
*=* *http://www.gravier.org/*
ICQ : *77488526* 
<http://www.icq.com/whitepages/about_me.php?Uin=77488526> * || *MSN 
Messenger : Gilles@Gravier.org <http://members.msn.com/Gilles@Gravier.org>*
*Skype : ggravier <callto://ggravier>* || *Y! : ggravier 
<http://profiles.yahoo.com/ggravier> || AOL : gillesgravier 
<aim:goim?screenname=gillesgravier>
PGP Key ID : *0x8DE6D026* 
<http://pgp.mit.edu:11371/pks/lookup?search=0x8DE6D026&op=index>
"Chastity is its own punishment." (/Solomon Short/) [/David Gerrold/]
"De toutes les aberrations sexuelles, la chasteté est la plus 
aberrante." [Anatole France]


--------------ms020005030600010505050303
Content-Type: application/x-pkcs7-signature; name="smime.p7s"
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename="smime.p7s"
Content-Description: S/MIME Cryptographic Signature

MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIIJeTCC
AxcwggKAoAMCAQICAw9CWjANBgkqhkiG9w0BAQQFADBiMQswCQYDVQQGEwJaQTElMCMGA1UE
ChMcVGhhd3RlIENvbnN1bHRpbmcgKFB0eSkgTHRkLjEsMCoGA1UEAxMjVGhhd3RlIFBlcnNv
bmFsIEZyZWVtYWlsIElzc3VpbmcgQ0EwHhcNMDUwODA1MjI1NzM4WhcNMDYwODA1MjI1NzM4
WjBfMRAwDgYDVQQEEwdHcmF2aWVyMQ8wDQYDVQQqEwZHaWxsZXMxFzAVBgNVBAMTDkdpbGxl
cyBHcmF2aWVyMSEwHwYJKoZIhvcNAQkBFhJnaWxsZXNAZ3Jhdmllci5vcmcwggEiMA0GCSqG
SIb3DQEBAQUAA4IBDwAwggEKAoIBAQC199MMtghWzKIuhBXAWnzNNefa/UJHgdS7GYtMt2Yz
1KPvEP1P5IIg/X1SH6nHQIDBQkN9DKAJ6DIPRkckbrg7HyuTus6w+FgyGEjb7Jd1NKAPU04P
agz3kVU7sf/NoqIeVjNP2f3R6zXvtWFHE6VGzH6JmSx8XNRSoFMoXGI5wG6K8IWqZhiUdyNQ
lKavpdj6QE0YngxNq49tzlsXb/yOZtTA5IfNi2bFwMJfXEICDpkF1zzXnsSLq+FnZgCQW0Xp
0B2aaoZY0cxcYESTubpK89/aPvWIqKsAjYhfBrRYc2k4+eip3UDGeav6DdDKCROLs28RnI0E
jHO7ZM/hzVwXAgMBAAGjWjBYMCkGBStlAQQBBCAwHgIBADAZMBcCAQQEEmM4dkRHN0xGenBH
Y0t1UjJKUTAdBgNVHREEFjAUgRJnaWxsZXNAZ3Jhdmllci5vcmcwDAYDVR0TAQH/BAIwADAN
BgkqhkiG9w0BAQQFAAOBgQA/cRlhXQiI9xAU0Rm/pVbm3icXgL5XXvfcbA2V5Z2uKqRDcgtw
eNHs6kAlYP+qBZkCnvCu1ECdMQETJB3iP9czDQajkJhJBVmAD1ka14OeQyvLM8PiYk2vJ9q5
8VjYuWNGiHHydL0CHfxPXJZTY0koIJfdhvCzsxwfRsZ8pllOnDCCAxcwggKAoAMCAQICAw9C
WjANBgkqhkiG9w0BAQQFADBiMQswCQYDVQQGEwJaQTElMCMGA1UEChMcVGhhd3RlIENvbnN1
bHRpbmcgKFB0eSkgTHRkLjEsMCoGA1UEAxMjVGhhd3RlIFBlcnNvbmFsIEZyZWVtYWlsIElz
c3VpbmcgQ0EwHhcNMDUwODA1MjI1NzM4WhcNMDYwODA1MjI1NzM4WjBfMRAwDgYDVQQEEwdH
cmF2aWVyMQ8wDQYDVQQqEwZHaWxsZXMxFzAVBgNVBAMTDkdpbGxlcyBHcmF2aWVyMSEwHwYJ
KoZIhvcNAQkBFhJnaWxsZXNAZ3Jhdmllci5vcmcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw
ggEKAoIBAQC199MMtghWzKIuhBXAWnzNNefa/UJHgdS7GYtMt2Yz1KPvEP1P5IIg/X1SH6nH
QIDBQkN9DKAJ6DIPRkckbrg7HyuTus6w+FgyGEjb7Jd1NKAPU04Pagz3kVU7sf/NoqIeVjNP
2f3R6zXvtWFHE6VGzH6JmSx8XNRSoFMoXGI5wG6K8IWqZhiUdyNQlKavpdj6QE0YngxNq49t
zlsXb/yOZtTA5IfNi2bFwMJfXEICDpkF1zzXnsSLq+FnZgCQW0Xp0B2aaoZY0cxcYESTubpK
89/aPvWIqKsAjYhfBrRYc2k4+eip3UDGeav6DdDKCROLs28RnI0EjHO7ZM/hzVwXAgMBAAGj
WjBYMCkGBStlAQQBBCAwHgIBADAZMBcCAQQEEmM4dkRHN0xGenBHY0t1UjJKUTAdBgNVHREE
FjAUgRJnaWxsZXNAZ3Jhdmllci5vcmcwDAYDVR0TAQH/BAIwADANBgkqhkiG9w0BAQQFAAOB
gQA/cRlhXQiI9xAU0Rm/pVbm3icXgL5XXvfcbA2V5Z2uKqRDcgtweNHs6kAlYP+qBZkCnvCu
1ECdMQETJB3iP9czDQajkJhJBVmAD1ka14OeQyvLM8PiYk2vJ9q58VjYuWNGiHHydL0CHfxP
XJZTY0koIJfdhvCzsxwfRsZ8pllOnDCCAz8wggKooAMCAQICAQ0wDQYJKoZIhvcNAQEFBQAw
gdExCzAJBgNVBAYTAlpBMRUwEwYDVQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUg
VG93bjEaMBgGA1UEChMRVGhhd3RlIENvbnN1bHRpbmcxKDAmBgNVBAsTH0NlcnRpZmljYXRp
b24gU2VydmljZXMgRGl2aXNpb24xJDAiBgNVBAMTG1RoYXd0ZSBQZXJzb25hbCBGcmVlbWFp
bCBDQTErMCkGCSqGSIb3DQEJARYccGVyc29uYWwtZnJlZW1haWxAdGhhd3RlLmNvbTAeFw0w
MzA3MTcwMDAwMDBaFw0xMzA3MTYyMzU5NTlaMGIxCzAJBgNVBAYTAlpBMSUwIwYDVQQKExxU
aGF3dGUgQ29uc3VsdGluZyAoUHR5KSBMdGQuMSwwKgYDVQQDEyNUaGF3dGUgUGVyc29uYWwg
RnJlZW1haWwgSXNzdWluZyBDQTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAxKY8VXNV
+065yplaHmjAdQRwnd/p/6Me7L3N9VvyGna9fww6YfK/Uc4B1OVQCjDXAmNaLIkVcI7dyfAr
hVqqP3FWy688Cwfn8R+RNiQqE88r1fOCdz0Dviv+uxg+B79AgAJk16emu59l0cUqVIUPSAR/
p7bRPGEEQB5kGXJgt/sCAwEAAaOBlDCBkTASBgNVHRMBAf8ECDAGAQH/AgEAMEMGA1UdHwQ8
MDowOKA2oDSGMmh0dHA6Ly9jcmwudGhhd3RlLmNvbS9UaGF3dGVQZXJzb25hbEZyZWVtYWls
Q0EuY3JsMAsGA1UdDwQEAwIBBjApBgNVHREEIjAgpB4wHDEaMBgGA1UEAxMRUHJpdmF0ZUxh
YmVsMi0xMzgwDQYJKoZIhvcNAQEFBQADgYEASIzRUIPqCy7MDaNmrGcPf6+svsIXoUOWlJ1/
TCG4+DYfqi2fNi/A9BxQIJNwPP2t4WFiw9k6GX6EsZkbAMUaC4J0niVQlGLH2ydxVyWN3amc
OY6MIE9lX5Xa9/eH1sYITq726jTlEBpbNU1341YheILcIRk13iSx0x1G/11fZU8xggM7MIID
NwIBATBpMGIxCzAJBgNVBAYTAlpBMSUwIwYDVQQKExxUaGF3dGUgQ29uc3VsdGluZyAoUHR5
KSBMdGQuMSwwKgYDVQQDEyNUaGF3dGUgUGVyc29uYWwgRnJlZW1haWwgSXNzdWluZyBDQQID
D0JaMAkGBSsOAwIaBQCgggGnMBgGCSqGSIb3DQEJAzELBgkqhkiG9w0BBwEwHAYJKoZIhvcN
AQkFMQ8XDTA2MDUyNTExNTUyNlowIwYJKoZIhvcNAQkEMRYEFHcRsCHWhx/k1MJmZ+vwPIVH
JP6TMFIGCSqGSIb3DQEJDzFFMEMwCgYIKoZIhvcNAwcwDgYIKoZIhvcNAwICAgCAMA0GCCqG
SIb3DQMCAgFAMAcGBSsOAwIHMA0GCCqGSIb3DQMCAgEoMHgGCSsGAQQBgjcQBDFrMGkwYjEL
MAkGA1UEBhMCWkExJTAjBgNVBAoTHFRoYXd0ZSBDb25zdWx0aW5nIChQdHkpIEx0ZC4xLDAq
BgNVBAMTI1RoYXd0ZSBQZXJzb25hbCBGcmVlbWFpbCBJc3N1aW5nIENBAgMPQlowegYLKoZI
hvcNAQkQAgsxa6BpMGIxCzAJBgNVBAYTAlpBMSUwIwYDVQQKExxUaGF3dGUgQ29uc3VsdGlu
ZyAoUHR5KSBMdGQuMSwwKgYDVQQDEyNUaGF3dGUgUGVyc29uYWwgRnJlZW1haWwgSXNzdWlu
ZyBDQQIDD0JaMA0GCSqGSIb3DQEBAQUABIIBAEJ65qDbsrJG3lDA5ut67ZT1zBDadfbGneTp
fUgouVbSG3jCL0xuEwsSDQdD1eiochhpcattj0yvQytGSkoNuMGm3cgIDEHhGgIvc1SB3vxx
iBeyz1LSVl3H0lVJmMRAxUpTzqdVVul7Sql+xs6KF+G/Bh8uibiF4AU4HnOY1TZp35yFKuVX
NfN9ReOSD1Lx6ICMfk7kx7csPjF+R+9OhdvKdqCJLqhcu26vNFI0VuPQyaQrLyE0ucOXvPoV
FFPKWsvOe/oz/C7QWKlMPI8/rChBV/j6Q1IPpsmh86QMxTJqWCoqXBV9d9oLbVHpI6NhSQ2D
1gdPwsDruM+mEm2br6YAAAAAAAA=
--------------ms020005030600010505050303--