-
Committer:
Bazaar Package Importer
-
Author(s):
Martin Pitt
-
Date:
2005-06-09 11:14:42 UTC
-
Revision ID:
james.westby@ubuntu.com-20050609111442-5fl7vi64bjaag7nb
Tags: 2.8.1-0ubuntu1.1
* SECURITY UPDATE: Fix file name buffer overflow.
* Added debian/patches/10_debian_format-string-vulnerabilities.patch:
- Fix format string vulnerabilities in calls to gtk_message_dialog_new(),
which is possibly remotely exploitable via specially crafted file names
or URLs.
- References:
CAN-2005-1686,
http://bugzilla.gnome.org/show_bug.cgi?id=306800