Hi, I uploaded an NMU of your package.
Please see this as help to get the package into a releaseable condition again. Please find the used diff below. Cheers, Andi diff -Nur ../tinymux-2.4.3.31~/debian/changelog ../tinymux-2.4.3.31/debian/changelog --- ../tinymux-2.4.3.31~/debian/changelog 2007-06-23 13:49:48.000000000 +0000 +++ ../tinymux-2.4.3.31/debian/changelog 2007-06-23 13:51:26.000000000 +0000 @@ -1,3 +1,10 @@ +tinymux (2.4.3.31-1.1) unstable; urgency=medium + + * Non-maintainer upload. + * Fix buffer overflow CVE-2007-1655. Closes: #417539 + + -- Andreas Barth <[EMAIL PROTECTED]> Sat, 23 Jun 2007 13:49:59 +0000 + tinymux (2.4.3.31-1) unstable; urgency=low * New upstream release diff -Nur ../tinymux-2.4.3.31~/src/funmath.cpp ../tinymux-2.4.3.31/src/funmath.cpp --- ../tinymux-2.4.3.31~/src/funmath.cpp 2006-09-12 00:11:01.000000000 +0000 +++ ../tinymux-2.4.3.31/src/funmath.cpp 2007-06-23 13:52:05.000000000 +0000 @@ -311,7 +311,8 @@ } char *cp = trim_space_sep(fargs[0], &sep); - while (cp) + while ( cp + && n < (LBUF_SIZE+1)/2) { char *curr = split_token(&cp, &sep); g_aDoubles[n++] = mux_atof(curr); -- http://home.arcor.de/andreas-barth/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]