[Pkg-dia-team] Bug#368202: sarge: dia: CVE-2006-2480 and CVE-2006-2453: format string vulnerability

Martin Schulze joey at infodrom.org
Sun Jun 4 17:08:45 UTC 2006

Roland Stigge wrote:
> Hi,
> besides the upload to unstable, I've backported the upstream patch for
> #368202. See attachment.
> Feel free to upload if appropriate.

We don't consider it approriate unless you provide us with an attack
vector, i.e. automatic processing of files from untrusted source.



All language designers are arrogant.  Goes with the territory...
	-- Larry Wall

Please always Cc to me when replying to me on the lists.

More information about the Pkg-dia-team mailing list