[Pkg-dia-team] Bug#368202: sarge: dia: CVE-2006-2480 and
CVE-2006-2453: format string vulnerability
Martin Schulze
joey at infodrom.org
Sun Jun 4 17:08:45 UTC 2006
Roland Stigge wrote:
> Hi,
>
> besides the upload to unstable, I've backported the upstream patch for
> #368202. See attachment.
>
> Feel free to upload if appropriate.
We don't consider it approriate unless you provide us with an attack
vector, i.e. automatic processing of files from untrusted source.
Regards,
Joey
--
All language designers are arrogant. Goes with the territory...
-- Larry Wall
Please always Cc to me when replying to me on the lists.
More information about the Pkg-dia-team
mailing list