Package: newt Severity: grave Tags: security patch Hi
There is a buffer overflow in textbox.c. This issue is CVE-2009-2905. In textbox.c the following patch has been applied. - result = malloc(strlen(text) + (strlen(text) / width) + 2); + result = malloc(strlen(text) + (strlen(text) / (width - 1)) + 2); Cheers Steffen _______________________________________________ Secure-testing-team mailing list [email protected] http://lists.alioth.debian.org/mailman/listinfo/secure-testing-team
