I fixed the pointer which indeed should be initialized with NULL when used in
this way in ubuntu2.
As for the debian history, the only existing one I could find is the ITP:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=512562
** Bug watch added: Debian Bug tracker #512562
** Changed in: xsettings-kde (Ubuntu)
Status: New = Fix Committed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/930384
Title:
[MIR] xsettings-kde
To manage notifications about this bug go
Promoted.
** Changed in: xsettings-kde (Ubuntu)
Status: Fix Committed = Fix Released
--
You received this bug notification because you are a member of Kubuntu
Bugs, which is subscribed to xsettings-kde in Ubuntu.
https://bugs.launchpad.net/bugs/930384
Title:
[MIR] xsettings-kde
To
This is mostly fine. Simple enough program, simple packaging, not fast
moving. Does anyone know what the story is with Debian on this package?
It does use sprintf unsafely a few places, but always when reading from
a 'trusted' location like /etc/kderc. So doesn't seem like a reasonable
attack