-
Committer:
Bazaar Package Importer
-
Author(s):
Gauvain Pocentek
-
Date:
2008-06-27 22:26:10 UTC
-
Revision ID:
james.westby@ubuntu.com-20080627222610-sa17ipidjs8ht4lc
Tags: 4.3.90.1svn+r21633-0ubuntu2.1
* SECURITY UPDATE:
+ debian/patches/CVE-2007-6531.patch
- Stack-based buffer overflow in the Panel (xfce4-panel)
component in Xfce before 4.4.2 might allow remote attackers to
execute arbitrary code via Launcher tooltips. NOTE: a second
buffer overflow (over-read) in the xfce_mkdirhier
function was also reported, but it might not be exploitable
for a crash or code execution, so it is not a vulnerability.
* References
+ http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2007-6531