Package: chmlib Version: 0.35-1 Severity: grave Tags: security Justification: user security hole
According to the following url, the changes in the new version of chmlib fix major security issues. http://freshmeat.net/projects/chmlib/?branch_id=22229&release_id=206344 MS CHM library 0.36 Updated: Fri, Sep 9th 2005 07:08 PDT (today) Release focus: Major security fixes Changes: A couple of serious security issues have been reported recently which allowed a carefully-crafted chm file to result in a buffer overflow. This release fixes these problems. Anyone using an earlier release and reading chm files from untrusted sources should upgrade to 0.36. Author: Jed Wing Homepage: http://morte.jedrea.com/~jedwin/projects/chmlib/ New version: http://morte.jedrea.com/~jedwin/projects/chmlib/chmlib-0.36.tgz -- System Information: Debian Release: unstable APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.12-1-k7 Locale: LANG=en_AU.UTF-8, LC_CTYPE=en_AU.UTF-8 (charmap=UTF-8) Versions of packages chmlib depends on: ii libc6 2.3.5-6 GNU C Library: Shared libraries an -- bye, pabs http://wiki.debian.org/PaulWise
signature.asc
Description: This is a digitally signed message part
