I finally had a chance to finish looking at this problem. It's a buffer overflow in pkgdata. The pkgdata program is fast and loose with C strings. It copies stuff all over the place into buffers without checking lengths. Coincidentally, someone else just also found this and reported it upstream. I added some comments and worked around it by drastically increasing the buffer sizes. I'll be uploading a new version shortly. Hopefully upstream will do an analysis and fix it right. In any case, pkgdata is generally used only when building ICU, so I don't believe this constitutes a security issue.
--Jay -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
