La Salle Debain

Sun Mon Tue Wed Thu Fri Sat
26 27 28 29 30    

Open Source @ Consolidated Braincells Inc.

About La Salle Debain

This is a weblog I'm keeping about my work on Debian and any other useful Debian related info I come across. It is not meant to compete with other news sources like Debian Weekly News or Debian Planet. Mostly it is just a way for me to classify and remember all the random bits of information that I have floating around me. I thought maybe by using a blog it could be of some use to others too. Btw. "I" refers to Jaldhar H. Vyas, Debian developer for over 5 years. If you want to know more about me, my home page is here.

The name? Debain is a very common misspelling of Debian and la salle de bains means bathroom in French.

If you have a comment to make on something you read here, feel free to write to me at

You can get an rss 0.91 feed of any page in the blog by appending ?flav=rss to the end of the URL.

Sat, 13 Sep 2003

New pine .debs: Fix security problems

I've made some new .debs of pine available.

A buffer overflow exists in the way unpatched versions of Pine prior to 4.57 handle the 'message/external-body' type. The Common Vulnerabilities and Exposures project ( has assigned the name CAN-2003-0720 to this issue.

An integer overflow exists in the Pine MIME header parsing in versions prior to 4.57. The Common Vulnerabilities and Exposures project ( has assigned the name CAN-2003-0721 to this issue.

Both of these flaws could be exploited by a remote attacker sending a carefully crafted email to the victim that will execute arbitrary code when the email is opened using Pine. So please upgrade ASAP.

posted at: 00:03 | #