Ulf Härnhammar discovered a vulnerability in pavuk, a file retrieval program, whereby an oversized HTTP 305 response sent by a malicious server could cause arbitrary code to be executed with the privileges of the pavuk process. For the current stable distribution (woody), this problem has been fixed in version 0.9pl28-1woody1. pavuk is no longer included in the unstable distribution of Debian. We recommend that you update your pavuk package.
Ulf Härnhammar discovered a vulnerability in pavuk, a file retrieval program, whereby an oversized HTTP 305 response sent by a malicious server could cause arbitrary code to be executed with the privileges of the pavuk process.
For the current stable distribution (woody), this problem has been fixed in version 0.9pl28-1woody1.
pavuk is no longer included in the unstable distribution of Debian.
We recommend that you update your pavuk package.
MD5 checksums of the listed files are available in the original advisory.