Ubuntu
wordnet package

  1. Bug #267067
  2. Comment #14

Comment 14 for bug 267067

Revision history for this message
Jamie Strandboge (jdstrand) wrote :

wordnet (1:3.0-6ubuntu0.1) hardy-security; urgency=low

  * SECURITY UPDATE: Stack overflows fed via the command line, environment
    variables or WordNet library calls can result in arbitrary code
    execution. (Closes LP: #257067)
  * 50_CVE-2008-2149_buffer_overflows.dpatch:
    - buffer overflow patch ( <email address hidden> (tille: 0) ).
  * 51_overflows.dpatch:
    - ocert patch to address additional potential security exploits.
  * 51_overflows_memcpy.dpatch:
    - Fix part of oCERT patch that breaks 'wordnet test -synsn'.
  * References
    http://www.ocert.org/advisories/ocert-2008-014.html
    CVE-2008-2149