-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Sun, 25 May 2003 18:28:06 -0400
Source: gps
Binary: gps rgpsp
Architecture: source i386
Version: 0.9.4-1woody1
Distribution: stable-security
Urgency: high
Maintainer: Nicholas Flintham
Changed-By: Matt Zimmerman
Description:
 gps - Graphical PS using GTK
 rgpsp - Remote gPS poller
Changes:
 gps (0.9.4-1woody1) stable-security; urgency=high
 .
   * Non-maintainer upload by the Security Team
   * Backport security fixes from upstream 1.1.0:
     - bug fix on rgpsp connection source acceptation policy
       (it was allowing any host to connect even when the
       /etc/rgpsp.conf file told otherwise)
       It is working now, but on any real ("production") network
       I suggest you use IP filtering to enforce the policy
       (like ipchains or iptables)
     - Several possibilities of buffer overflows have been fixed.
       Thanks to Stanislav Ievlev from ALT-Linux for pointing a lot
       of them.
     - fixed misformatting of command line parameters in rgpsp
       protocol (command lines with newlines would break the
       protocol)
     - fixed buffer overflow bug that caused rgpsp to SIGSEGV when
       stating processes with large command lines (>128 chars)
       [Linux only]
Files:
 ad873738d3e2a9f75186cd27a5a788b2 614 admin optional gps_0.9.4-1woody1.dsc
 9572af016e2a9ade433477e81133025c 151324 admin optional gps_0.9.4.orig.tar.gz
 25f482ffd075549555e2d0b92fc9ca66 4972 admin optional gps_0.9.4-1woody1.diff.gz
 6d9601d1a3a96ede03d9ddb69a740426 114238 admin optional gps_0.9.4-1woody1_i386.deb
 0a69ed9ad920415f38541980bbbb26d6 23958 admin optional rgpsp_0.9.4-1woody1_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)

iD8DBQE+0U4sArxCt0PiXR4RAjoPAKC4YGFYA1XdddimyUkIaBAUQUMNxACg1157
5uM+xKLNU4rBQKcT9nmgsK8=
=3Vvy
-----END PGP SIGNATURE-----