On Jan 18, 07 09:18:46 +0100, Reinhard Tartler wrote:
> I just got the following bugreport on xine-ui. Could you have a look at
> it and tell me if you think there is a vulnerability? In this case, I'd
> have to update the xine-ui package despite debian's freeze. To be sure,
> I wanted to check with you. Here we go:

This is already fixed in CVS.

> | Format string vulnerability in the errors_create_window function in
> | errors.c in xine-ui allows attackers to execute arbitrary code via
> | unknown vectors.
>
> I take a look at the errors_create_window function in errors.c, the
> vulnerable code seems to be on line 67 :
>
> | xw = xitk_window_dialog_two_buttons_with_width(gGui->imlib_data, title,
> |                                                _("Done"), _("More..."),
> |                                                NULL, _errors_display_log,
> |                                                NULL, 400, ALIGN_CENTER,
> |                                                "%s", message);

This used to be
  .... NULL, 400, ALIGN_CENTER, message);
("%s", missing), which was indeed vulnerable.

Thanks

Matthias

--
Matthias Hopf <[EMAIL PROTECTED]>
Maxfeldstr. 5 / 90409 Nuernberg
[EMAIL PROTECTED]
Phone +49-911-74053-715
R & D
www.mshopf.de
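
The difference between the two calls discussed in this thread, as an added example (not xine-ui code): `dialog_text`, `show_error` and `has_conversion` are hypothetical stand-ins for a printf-style dialog helper, and the message string is constructed.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical printf-style helper: everything after `width` is a format
 * string plus its arguments. The attribute lets GCC/Clang check every call
 * site when built with -Wformat -Wformat-security. */
__attribute__((format(printf, 4, 5)))
static int dialog_text(char *out, size_t outlen, int width, const char *fmt, ...)
{
    va_list ap;
    int n;
    (void)width;
    va_start(ap, fmt);
    n = vsnprintf(out, outlen, fmt, ap);
    va_end(ap);
    return n;
}

/* Form before the fix, kept out of the build:
 *     dialog_text(out, outlen, 400, message);
 * Any '%' conversion inside `message` is interpreted against arguments
 * that were never passed. */

/* Fixed form: the format is a constant, the message is only ever data. */
static int show_error(char *out, size_t outlen, const char *message)
{
    return dialog_text(out, outlen, 400, "%s", message);
}

/* Review helper: does a string contain a conversion other than "%%"? */
static int has_conversion(const char *s)
{
    for (; *s; s++) {
        if (*s != '%') continue;
        if (s[1] == '%') { s++; continue; }
        return 1;
    }
    return 0;
}

int main(void)
{
    char buf[128];
    const char *msg = "track%d.avi: 100% unreadable (%s)"; /* constructed */
    show_error(buf, sizeof buf, msg);
    printf("%s\nhas_conversion=%d\n", buf, has_conversion(msg));
    return 0;
}
```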