On Wed, 2009-04-01 at 23:30 +0200, Moritz Muehlenhoff wrote: > Package: amaya > Severity: grave > Tags: security > > CVE-2009-1209: > Stack-based buffer overflow in W3C Amaya Web Browser 11.1 allows remote attackers > to execute arbitrary code via a script tag with a long defer attribute.
And that's two more... > I suppose removing amaya from unstable would be the most elegant fix here. Sadly, as maintainer, I have to agree at this point. The Amaya source code is such a mess, significant portions of it deserve a complete rewrite. So let's remove it. RegisOn Wed, 2009-04-01 at 23:30 +0200, Moritz Muehlenhoff wrote:
Package: amaya Severity: grave Tags: security CVE-2009-1209: Stack-based buffer overflow in W3C Amaya Web Browser 11.1 allows remote attackers to execute arbitrary code via a script tag with a long defer attribute.
And that's two more...
I suppose removing amaya from unstable would be the most elegant fix here.
Sadly, as maintainer, I have to agree at this point. The Amaya source code is such a mess, some sections deserve a complete rewrite. So let's remove it.
Regis
