On Thursday 18 January 2007, Reinhard Tartler wrote: > Could you have a look at > it and tell me if you think there is a vulnerability? Yes there's one and it's not isolated, there are a few others too, but as Matthias said, they are all fixed in CVS. 0.99.4 release was very very unsafe when it came to format strings; CVS version is fine, but it has a nasty bug (double click on the video window does not fullscreen.. it crashes down.
-- Diego "Flameeyes" Pettenò - http://farragut.flameeyes.is-a-geek.org/ Gentoo/Alt lead, Gentoo/FreeBSD, Video, Sound, ALSA, PAM, KDE, CJK, Ruby ...
pgpmtDny6AOiB.pgp
Description: PGP signature
