[Secure-testing-team] Bug#534731: stardict broadcasts clipboard context over network
Pavel Machek
pavel at ucw.cz
Fri Jun 26 18:24:26 UTC 2009
Package: stardict
Version: 3.0.1-4.1
Severity: grave
Tags: security
Justification: user security hole
In default config "enable net dict" is selected, it attempts to grab
clipboard and sends it over network... Unfortunately, not nearly all
data in clipboard are meant for translation, and some may be pretty
sensitive.
-- System Information:
Debian Release: squeeze/sid
APT prefers testing
APT policy: (500, 'testing')
Architecture: i386 (i686)
Kernel: Linux 2.6.30 (SMP w/2 CPU cores)
Locale: LANG=C, LC_CTYPE=cs_CZ (charmap=ISO-8859-2)
Shell: /bin/sh linked to /bin/bash
Versions of packages stardict depends on:
ii stardict-gnome 3.0.1-4.1 International dictionary for GNOME
stardict recommends no packages.
stardict suggests no packages.
-- no debconf information
More information about the Secure-testing-team
mailing list