Package: newt Severity: grave Tags: security patch Hi
There is a buffer overflow in textbox.c. This issue is CVE-2009-2905. In textbox.c the following patch has been applied. - result = malloc(strlen(text) + (strlen(text) / width) + 2); + result = malloc(strlen(text) + (strlen(text) / (width - 1)) + 2); Cheers Steffen -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]
