-
Committer:
Package Import Robot
-
Author(s):
Salvatore Bonaccorso
-
Date:
2014-01-12 14:37:45 UTC
-
Revision ID:
package-import@ubuntu.com-20140112143745-zzt3bu3i6l8cyq55
Tags: 2.26.3-16.1
* Non-maintainer upload.
* Add CVE-2014-1235.patch patch.
CVE-2014-1235: buffer overflow vulnerability in yyerror() introduced by
original fix for CVE-2014-0978. (Closes: #734745)
* Add CVE-2014-1236.patch patch.
CVE-2014-1236: buffer overflow from user input (the regexp in chkNum
would accept arbitrary long digit list) (Closes: #734745)
* Enable hardened build flags.
Thanks to Moritz Muehlenhoff <jmm@debian.org> (Closes: #734804)
* Add fix-missing-format-string.patch patch.
Fixes missing format strings for printf and fprintf calls.