Source: lout Version: 3.39-3 Severity: grave Tags: security upstream Justification: user security hole
Hi, The following vulnerabilities were published for lout. CVE-2019-19917[0]: | Lout 3.40 has a buffer overflow in the StringQuotedWord() function in | z39.c. CVE-2019-19918[1]: | Lout 3.40 has a heap-based buffer overflow in the srcnext() function | in z02.c. If you fix the vulnerabilities please also make sure to include the CVE (Common Vulnerabilities & Exposures) ids in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2019-19917 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19917 [1] https://security-tracker.debian.org/tracker/CVE-2019-19918 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19918 Regards, Salvatore
