[Bug 507939] Re: CVE-2009-4012: arbitrary code execution

Launchpad Bug Tracker Mon, 18 Jan 2010 06:51:29 -0800

This bug was fixed in the package libthai - 0.1.12-1ubuntu0.2

---------------
libthai (0.1.12-1ubuntu0.2) karmic-security; urgency=low


  * SECURITY UPDATE: arbitrary code execution via long strings
    (LP: #507939)
    - src/thbrk/brk-maximal.c: validate size of n_brk_pos before malloc.
    - src/thbrk/thbrk.c: validate size of n_brk_pos before malloc, and
      perform error checking.
    - Patches from Debian DSA-1971-1
    - CVE-2009-4012
 -- Marc Deslauriers <marc.deslauri...@ubuntu.com>   Fri, 15 Jan 2010 08:21:40 
-0500

** Changed in: libthai (Ubuntu Jaunty)
       Status: Confirmed => Fix Released

-- 
CVE-2009-4012: arbitrary code execution
https://bugs.launchpad.net/bugs/507939
You received this bug notification because you are a member of Ubuntu
Bugs, which is a direct subscriber.

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 507939] Re: CVE-2009-4012: arbitrary code execution

Reply via email to