Vulnerability in xfig import code

From: Lars Clausen <lars raeder dk>
To: discussions about usage and development of dia <dia-list gnome org>
Subject: Vulnerability in xfig import code
Date: Wed, 29 Mar 2006 22:08:43 +0200

A voluntary security review of the importers by infamous41md has turned
up three buffer overflow errors in the xfig import code.  These errors
have existed since the code was first created in version 0.87, but are
corrected as of version 0.95-pre6.  The attached patch fixes them for
version 0.94.

-Lars

Attachment: 0.94-security-patch
Description: Text Data

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]