[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[debian-devel:11086] New Debian JP Packages



These packages were installed into the Debian JP hierarchy in the
yesterday:

----- !!! HIGH URGENCY PACKAGES !!! -----

delegate   - general purpose proxy server for various application protocols
delegate 5.8.4-1 -> 5.9.9-1 into dists/potato-jp/non-free/binary-i386/net
 delegate (5.9.9-1) unstable; urgency=HIGH
 .
 * build on potato
 * new stable upstream version; see /usr/doc/delegate/changelog.gz
 * it would closes Bug#1100, but I still suspect it might have another
 buffer overflows (too many sprintf(), strcat(), strcpy(), so I can't
 check these are secure enough)
 * [IMPORTANT CONFIGURATION CHANGE]
 To make delegate be secure, configuration should be set for specific
 IP address, that is, you should not run delegate on any IP address.
 You should configure delegate listen/accept only inner address (local)
 and don't listen/accept outer address (global).
 delegate.postinst will rename /etc/delegate/${PORT}.conf to
 /etc/delegate/127.0.0.1:${PORT}.conf, so after upgrading, you can
 use delegate from only localhost.  Please change 127.0.0.1 for
 your IP address.