webcalendar
Darryl Clarke
smartssa at gmail.com
Sat Sep 10 02:35:36 UTC 2005
On 9/9/05, charlie derr <cderr at simons-rock.edu> wrote:
[snip]
> However, there's a DSA on webcalendar from debian http://www.debian.org/security/2005/dsa-799 and it seems that the
> ubuntu package has not had this patch applied.
>
> Will there be a forthcoming patched webcalendar package for hoary-security in the next couple days? Or should I
> uninstall hoary and install debian sarge? Is it possible that the patched sarge package
> http://security.debian.org/pool/updates/main/w/webcalendar/webcalendar_0.9.45-4sarge2 will install cleanly on hoary? Is
> there a better ubuntu distribution (breezy?) that I should be using which has this vulnerability already patched?
>
Because the Universe Repository (where webcalendar resides) isn't part
of the "official" Ubuntu (what you get on a cd) it does not receive
the same level of security updates.
This is documented:
https://wiki.ubuntu.com/UniverseSecurity
You should be able to use the debian package without problems, or you
can try and bug the maintainer to see if he has an updated package
ready (but not yet in the repositories).
HTH.
--
~ Darryl ~ smartssa at gmail.com
http://smartssa.com / http://darrylclarke.com
More information about the ubuntu-users
mailing list