[Pkg-dia-team] Bug#368202: sarge: dia: CVE-2006-2480 and
CVE-2006-2453: format string vulnerability
joey at infodrom.org
Sun Jun 4 17:08:45 UTC 2006
Roland Stigge wrote:
> besides the upload to unstable, I've backported the upstream patch for
> #368202. See attachment.
> Feel free to upload if appropriate.
We don't consider it approriate unless you provide us with an attack
vector, i.e. automatic processing of files from untrusted source.
All language designers are arrogant. Goes with the territory...
-- Larry Wall
Please always Cc to me when replying to me on the lists.
More information about the Pkg-dia-team