Diego 'Flameeyes' Pettenò wrote:
On Thursday 18 January 2007, Reinhard Tartler wrote:
Could you have a look at
it and tell me if you think there is a vulnerability?
Yes there's one and it's not isolated, there are a few others too, but as
Matthias said, they are all fixed in CVS. 0.99.4 release was very very unsafe
when it came to format strings; CVS version is fine, but it has a nasty bug
(double click on the video window does not fullscreen.. it crashes down.
This crash has been fixed in xitk/xine-toolkit/xitk.c r1.152 and
reviewed in r1.157.
Cheers,
Hans-Dieter
