This bug was fixed in the package sword - 1.5.9-8ubuntu1
---------------
sword (1.5.9-8ubuntu1) hardy; urgency=low
* Fakesync from Debian unstable.
* Fixes CVE-2008-0932. (LP: #195696)
sword (1.5.9-8) unstable; urgency=high
* diatheke failed to use shell_escape for the range parameter
properly, Closes: #466449
sword (1.5.9-7.1) unstable; urgency=medium
[ Luk Claes ]
* Non-maintainer upload.
* Don't ship the libsword.la file anymore (Closes: #444562).
* Don't rely on libclucene.la anymore (Closes: #445776).
sword (1.5.9-7) unstable; urgency=low
* libsword-dev should not depend on libclucene-dev
or libc6-dev, libz-dev, libcurl4-gnutls-dev
* patch 09_pcfile.diff don't link apps to all these libs
* update patch 02_libver.diff link lib to clucene
-- William Grant <[EMAIL PROTECTED]> Sun, 16 Mar 2008
20:59:00 +1100
** Changed in: sword (Ubuntu Hardy)
Status: In Progress => Fix Released
--
[diatheke] [CVE-2008-0932] insufficient input sanitising
https://bugs.launchpad.net/bugs/195696
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
