Kalle A. Sandström wrote:
> Package: libc6
> Version: 2.7-4
> 
> libc6 as found in testing and in unstable (versions 2.7-3 and 2.7-4
> respectively) have a bug in the vfscanf() implementation, found in the file
> glibc-2.7/stdio-common/vfscanf.c . The bug causes a pointer originally
> procured from alloca() to be passed to free(), resulting in a predictable
> kaboom.
> 
> The GNU libc development team has since fixed this bug, according to the CVS
> browser view at [1]; note revision 1.128 in particular.
> 
> This issue turned up while trying to use genext2fs after a libc6 upgrade
> from testing. The genext2fs package has an apparently related FTBFS bug
> logged on it right now.
> 
> I would characterize this bug as critical: it causes previously working
> programs to crash through no fault of their own, and might be speculated to
> affect any program that took the easy route with configuration parsing by
> feeding input lines to sscanf(), much as genext2fs does.
> 

Already reported, already fixed in SVN.


-- 
  .''`.  Aurelien Jarno             | GPG: 1024D/F1BCDB73
 : :' :  Debian developer           | Electrical Engineer
 `. `'   [EMAIL PROTECTED]         | [EMAIL PROTECTED]
   `-    people.debian.org/~aurel32 | www.aurel32.net
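
One way the bug class reported above arises (a pointer obtained from alloca() reaching free()) is a scratch buffer that starts on the stack and moves to the heap once the input outgrows it. The following is an added illustration, not glibc's vfscanf.c code and not part of the original messages; `first_token`, `STACK_LIMIT` and the sample input are hypothetical.

```c
#include <alloca.h>
#include <ctype.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define STACK_LIMIT 16  /* assumed threshold for this example */

/* Returns a heap copy of the first whitespace-delimited token (caller frees).
 * The working buffer starts on the stack; *spilled says if it moved to heap. */
char *first_token(const char *in, int *spilled)
{
    size_t cap = STACK_LIMIT, len = 0;
    char *buf = alloca(cap);
    int on_heap = 0;            /* ownership flag: did buf come from malloc()? */

    while (*in && isspace((unsigned char)*in)) in++;
    for (; *in && !isspace((unsigned char)*in); in++) {
        if (len + 1 == cap) {   /* keep room for the terminator */
            char *nbuf = on_heap ? realloc(buf, cap * 2) : malloc(cap * 2);
            if (!nbuf) { if (on_heap) free(buf); return NULL; }
            /* alloca memory must be copied out, never realloc()ed or free()d */
            if (!on_heap) memcpy(nbuf, buf, len);
            on_heap = 1;
            buf = nbuf;
            cap *= 2;
        }
        buf[len++] = *in;
    }
    buf[len] = '\0';

    char *out = malloc(len + 1);
    if (out) memcpy(out, buf, len + 1);
    if (on_heap) free(buf);     /* an unconditional free(buf) here is the bug class */
    *spilled = on_heap;
    return out;
}

int main(void)
{
    int spilled;
    char *t = first_token("  root=/dev/sda1 rw", &spilled); /* constructed input */
    if (!t) return 1;
    printf("%s (heap=%d)\n", t, spilled);
    free(t);
    return 0;
}
```

Building a variant with the `if (on_heap)` guard removed under AddressSanitizer or valgrind reports the invalid free on short tokens, which is how this kind of defect is usually caught before release.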


