Fix for 1.2.5 is based on upstream's suggestion about how to prevent the issue in a minimally invasive way. Upstream includes in 1.2.9 a test for this vulnerability in t/11. If vulnerable, the test will cause a segfault. NCommander verified for me that with these changes (he just tested Hardy, but it should be the same for all) it passes the test and fails without the update.
-- Unspecified buffer overflow https://bugs.launchpad.net/bugs/287534 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
