Comment 7 for bug 507939

This bug was fixed in the package libthai - 0.1.9-4ubuntu0.9.04.2

---------------
libthai (0.1.9-4ubuntu0.9.04.2) jaunty-security; urgency=low

  * SECURITY UPDATE: arbitrary code execution via long strings
    (LP: #507939)
    - src/thbrk/brk-maximal.c: validate size of n_brk_pos before malloc.
    - src/thbrk/thbrk.c: validate size of n_brk_pos before malloc, and
      perform error checking.
    - Patches from Debian DSA-1971-1
    - CVE-2009-4012
 -- Marc Deslauriers <email address hidden> Fri, 15 Jan 2010 08:28:44 -0500