Le mardi 23 décembre 2008 à 16:29 +0100, Nico Golde a écrit : > Hi, > CCed upstream. > > I am not sure if it is enough to just fix this CVE id. > Browsing a bit in the code reveals quite a lot of additional > buffer overflows.
The new release 11.0.1 published today fixes several buffer overflows. Your new reported overflow should be fixed in that release. Nevertheless we plan to make a new corrective release end of January. Regards -- Irene Vatton <irene.vat...@inria.fr> INRIA -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
