This bug was fixed in the package libthai - 0.1.12-1ubuntu0.2 --------------- libthai (0.1.12-1ubuntu0.2) karmic-security; urgency=low
* SECURITY UPDATE: arbitrary code execution via long strings (LP: #507939) - src/thbrk/brk-maximal.c: validate size of n_brk_pos before malloc. - src/thbrk/thbrk.c: validate size of n_brk_pos before malloc, and perform error checking. - Patches from Debian DSA-1971-1 - CVE-2009-4012 -- Marc Deslauriers <marc.deslauri...@ubuntu.com> Fri, 15 Jan 2010 08:21:40 -0500 ** Changed in: libthai (Ubuntu Jaunty) Status: Confirmed => Fix Released -- CVE-2009-4012: arbitrary code execution https://bugs.launchpad.net/bugs/507939 You received this bug notification because you are a member of Ubuntu Bugs, which is a direct subscriber. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs