Remotely exploitable buffer overflow in Ecartis/Listar. Janusz Niewiadomski and Wojciech Purczynski reported a remotely exploitable buffer overflow in address_match(). The other vulnerabilities in their report not addressed by the updates listed below are "ineffective privilege dropping in listar" and "multiple local vulnerabilities." Listar is a mailing list manager similar to Majordomo or Listserv. (First LWN report: March 14).
This week's updates: