Diego 'Flameeyes' Pettenò <[EMAIL PROTECTED]> writes:

> On Thursday 18 January 2007, Reinhard Tartler wrote:
>> Could you have a look at
>> it and tell me if you think there is a vulnerability?
> Yes there's one and it's not isolated, there are a few others too, but as 
> Matthias said, they are all fixed in CVS. 0.99.4 release was very very unsafe 
> when it came to format strings; CVS version is fine, but it has a nasty bug 
> (double click on the video window does not fullscreen.. it crashes down.

Debian currently ships an CVS snapshot of November 11 2006, not a plain
0.99.4. There wasn't any later release, so I decided to have an snapshot
uploaded. I'll check the logs for further supicous (read: security
related) commits later today.

Thanks for your comment!

-- 
Gruesse/greetings,
Reinhard Tartler, KeyID 945348A4

Attachment: pgp3w7maRon9O.pgp
Description: PGP signature

Reply via email to