Ubuntu
lesstif1-1 package

  1. Bug #12635
  2. Comment #5

Comment 5 for bug 12635

Revision history for this message
Debian Bug Importer (debzilla) wrote :

Message-ID: <email address hidden>
Date: Wed, 16 Feb 2005 11:28:19 +0100
From: Martin Pitt <email address hidden>
To: <email address hidden>
Subject: Re: multiple security holes in XPM code (CAN-2004-0914)

--PEIAKu/WMn1b1Hv9
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

Hi!

Please note that the new upstream only fixes lesstif2, not lesstif1:

This directory contains fixed sources:

  http://cvs.sourceforge.net/viewcvs.py/lesstif/lesstif/lib/Xm-2.1/

However, this doesn't:

  http://cvs.sourceforge.net/viewcvs.py/lesstif/lesstif/lib/Xm/

However, fixing that is an enormous task. In this directory the Xpm
source is merged into one big C file and function names have been
renamed, so that the huuuuge patch must be applied manually.

Martin
--=20
Martin Pitt http://www.piware.de
Ubuntu Developer http://www.ubuntulinux.org
Debian GNU/Linux Developer http://www.debian.org

--PEIAKu/WMn1b1Hv9
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)

iD8DBQFCEyBDDecnbV4Fd/IRAmlHAJ0Vv3ftk++FugzMV5VP4S3lNF9CZACgwv0r
+zyL7RqOIT1PpuQe8NSIPtg=
=xK2K
-----END PGP SIGNATURE-----

--PEIAKu/WMn1b1Hv9--