Viewing all changes in revision 7.
- Committer: Bazaar Package Importer
- Date: 2006-02-10 20:14:01 UTC
- Revision ID: james.westby@ubuntu.com-20060210201401-1ri1ls1pfiyrvump
* SECURITY UPDATE: Arbitrary code execution on specially crafted long file
names (which should not happen in many scenarios, though).
* unzpriv.h, Info macro:
- Use snprintf() instead of sprintf() as inner formatting function.
- Use fputs() instead of fprintf() as outer function to ignore leftover
format strings which might not have been substituted in the inner
snprintf().
- Throw away the three different implementations of that macro and use
just one safe one.
- CVE-2005-4667
names (which should not happen in many scenarios, though).
* unzpriv.h, Info macro:
- Use snprintf() instead of sprintf() as inner formatting function.
- Use fputs() instead of fprintf() as outer function to ignore leftover
format strings which might not have been substituted in the inner
snprintf().
- Throw away the three different implementations of that macro and use
just one safe one.
- CVE-2005-4667
- files modified:
- debian/changelog
expand all
collapse all
added
removed
