Quoting from a recent Gentoo security advisory:
> Chris Gilbert discovered potentially exploitable buffer overflow cases
> in libXpm that weren't fixed in previous libXpm security advisories.
This has been assigned CAN-2005-0605, Woody should be affected as
well.
The attached patch has been taken from Gentoo bugtracking, as the
lesstif CVS doesn't have a commit yet. Judging from the source I assume
that this fixes only lesstif2, but not lesstif1, am I correct?
Package: lesstif1-1
Severity: grave
Tags: security, patch
Justification: user security hole
Quoting from a recent Gentoo security advisory:
> Chris Gilbert discovered potentially exploitable buffer overflow cases
> in libXpm that weren't fixed in previous libXpm security advisories.
This has been assigned CAN-2005-0605, Woody should be affected as
well.
The attached patch has been taken from Gentoo bugtracking, as the
lesstif CVS doesn't have a commit yet. Judging from the source I assume
that this fixes only lesstif2, but not lesstif1, am I correct?
Cheers,
Moritz
-- System Information: de_DE.ISO- 8859-15@ euro (charmap= ISO-8859- 15)
Debian Release: 3.1
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 2.6.10-1-686
Locale: LANG=C, LC_CTYPE=