webcalendar
charlie derr
cderr at simons-rock.edu
Sat Sep 10 02:19:45 UTC 2005
I asked this question on IRC yesterday and saw no response. If there's a better forum to ask it in, please direct me there.
We have a server running hoary which includes hoary-security sources in /etc/apt/sources.list that we'd like to run
webcalendar on. The output of the following command shows:
dpkg -l webcalendar
Desired=Unknown/Install/Remove/Purge/Hold
| Status=Not/Installed/Config-files/Unpacked/Failed-config/Half-installed
|/ Err?=(none)/Hold/Reinst-required/X=both-problems (Status,Err: uppercase=bad)
||/ Name Version Description
+++-===============================-===============================-==============================================================================
ii webcalendar 0.9.45-2 PHP-Based multi-user calendar
However, there's a DSA on webcalendar from debian http://www.debian.org/security/2005/dsa-799 and it seems that the
ubuntu package has not had this patch applied.
Will there be a forthcoming patched webcalendar package for hoary-security in the next couple days? Or should I
uninstall hoary and install debian sarge? Is it possible that the patched sarge package
http://security.debian.org/pool/updates/main/w/webcalendar/webcalendar_0.9.45-4sarge2 will install cleanly on hoary? Is
there a better ubuntu distribution (breezy?) that I should be using which has this vulnerability already patched?
thanks very much in advance to any pointers to info or whatever,
~c
More information about the ubuntu-users
mailing list