Package: newt Severity: grave Tags: security patch Hi
There is a buffer overflow in textbox.c. This issue is CVE-2009-2905. In textbox.c the following patch has been applied. - result = malloc(strlen(text) + (strlen(text) / width) + 2); + result = malloc(strlen(text) + (strlen(text) / (width - 1)) + 2); Cheers Steffen -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
