Mailinglist Archive: opensuse-security (757 mails)

< Previous Next >
Re: [suse-security] status of SuSE version of pine
  • From: Roman Drahtmueller <draht@xxxxxxx>
  • Date: Fri, 18 Jan 2002 14:39:44 +0100 (MET)
  • Message-id: <Pine.LNX.4.43.0201181434530.17473-100000@xxxxxxxxxxxx>
Hi Bob,

> Hello,
>
> I'm almost sure that somewhere in the sea of information I wade through
> every day was a statement that SuSE pine is not vulnerable to the recently
> discussed problem with following maliciously-crafted URLs. But I've
> searched the archives and I can't find it; could some kind soul put me at
> ease by confirming that SuSE pine is not vulnerable to this attack? The
> version I am running is 4.33-42 on SuSE 7.2.
>

Please look at the changelog of the package:

$ rpm -qp pine.rpm
pine-4.33-42
$ rpm -qp --changelog pine.rpm | grep -B3 -A2 security|head -8

* Tue Dec 14 1999 - grimmer@xxxxxxx

- added security patch from Olaf Kirch (version 4.21 did
not completely resolve this issue)

--

$


If you take a look at the source rpm, you will find the patch inside.

> Thanks,
> Bob

Roman.
--
- -
| Roman Drahtm├╝ller <draht@xxxxxxx> // "You don't need eyes to see, |
SuSE GmbH - Security Phone: // you need vision!"
| N├╝rnberg, Germany +49-911-740530 // Maxi Jazz, Faithless |
- -


< Previous Next >
References