Package: stlport5 Version: 5.0.0-1.1 Severity: normal Tags: security
Good day, >From CVE-2006-0963 : | Multiple buffer overflows in STLport 5.0.2 might allow local users to | execute arbitrary code via (1) long locale environment variables to a | strcpy function call in c_locale_glibc2.c and (2) long arguments to | unspecified functions in num_put_float.cpp. I think this CVE entry is buggy, problem (1) is fixed in 5.0.2. I haven't check about problem (2) but from securityfocus[1] this is also fixed in 5.0.2 Regards. [1] http://www.securityfocus.com/bid/16928/solution -- System Information: Debian Release: 3.1 Architecture: i386 (i686) Kernel: Linux 2.6.8-2-686 Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
