Source: sane-backends Version: 1.0.22-7.4 Severity: important Tags: upstream Control: forwarded -1 https://alioth.debian.org/tracker/index.php?func=detail&aid=313848&group_id=30186&atid=410366
Dear Debian folks, Cppcheck check reports several memory leaks in packages built from the source package sane-backends [1]. There is also an upstream report [2] with all Cppcheck complains attached run against the Git version as of October 2012. It is not clear what consequences this has on security and how to deal with this correctly. I am going to send some patches upstream and will hopefully remember to post the links as replies to this report. Thanks, Paul [1] http://qa.debian.org/daca/cppcheck/sid/sane-backends_1.0.22-2.html [2] https://alioth.debian.org/tracker/index.php?func=detail&aid=313848&group_id=30186&atid=410366 -- System Information: Debian Release: 7.0 APT prefers unstable APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable'), (1, 'experimental') Architecture: i386 (i686) Kernel: Linux 3.2.0-4-686-pae (SMP w/2 CPU cores) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages libsane depends on: ii acl 2.2.51-8 ii adduser 3.113+nmu3 ii libavahi-client3 0.6.31-1 ii libavahi-common3 0.6.31-1 ii libc6 2.13-38 ii libexif12 0.6.21-1 ii libgphoto2-2 2.4.14-2 ii libgphoto2-port0 2.4.14-2 ii libieee1284-3 0.2.11-10 ii libjpeg8 8d-1 ii libsane-common 1.0.22-7.4 ii libtiff4 3.9.6-11 ii libusb-0.1-4 2:0.1.12-23+nmu1 ii libv4l-0 0.8.9-1 ii makedev 2.3.1-92 ii multiarch-support 2.13-38 ii udev 175-7.1 Versions of packages libsane recommends: ii libsane-extras 1.0.22.2 ii sane-utils 1.0.22-7.4 Versions of packages libsane suggests: ii avahi-daemon 0.6.31-1 ii hplip 3.12.6-3 pn hpoj <none> -- no debconf information
signature.asc
Description: This is a digitally signed message part
