Subject: converters/xlreader vulnerability fix
To: None <tech-pkg@netbsd.org>
From: Curt Sampson <cjs@cynic.net>
List: tech-pkg
Date: 05/10/2005 14:56:43
Can someone please have a look at
pkgsrc/converters/xlreader/patches/patch-ab and tell me if it properly
fixes the security vulnerability in this package? If you've got a way
to test it (perhaps even the Excel file with the exploit that's not
included on the web site with the advisory), that would be even better.
If this does fix the vulnerability, how do I get audit-packages to
understand that the nb1 version is fixed, but the nb0 version is still
broken?
cjs
--
Curt Sampson <cjs@cynic.net> +81 90 7737 2974 http://www.NetBSD.org
Make up enjoying your city life...produced by BIC CAMERA