webcalendar

charlie derr cderr at simons-rock.edu
Sat Sep 10 02:19:45 UTC 2005


I asked this question on IRC yesterday and saw no response.  If there's a better forum to ask it in, please direct me there.

We have a server running hoary which includes hoary-security sources in /etc/apt/sources.list that we'd like to run 
webcalendar on.  The output of the following command shows:

dpkg -l webcalendar
Desired=Unknown/Install/Remove/Purge/Hold
| Status=Not/Installed/Config-files/Unpacked/Failed-config/Half-installed
|/ Err?=(none)/Hold/Reinst-required/X=both-problems (Status,Err: uppercase=bad)
||/ Name                            Version                         Description
+++-===============================-===============================-==============================================================================
ii  webcalendar                     0.9.45-2                        PHP-Based multi-user calendar



However, there's a DSA on webcalendar from debian http://www.debian.org/security/2005/dsa-799 and it seems that the 
ubuntu package has not had this patch applied.

Will there be a forthcoming patched webcalendar package for hoary-security in the next couple days?  Or should I 
uninstall hoary and install debian sarge?  Is it possible that the patched sarge package
http://security.debian.org/pool/updates/main/w/webcalendar/webcalendar_0.9.45-4sarge2 will install cleanly on hoary? Is 
there a better ubuntu distribution (breezy?) that I should be using which has this vulnerability already patched?


	thanks very much in advance to any pointers to info or whatever,
		~c




More information about the ubuntu-users mailing list