Forwarding to the list:
Hi Neutron,
* Neutron Soutmun [EMAIL PROTECTED] [2008-04-21 02:58]:
According to
http://lists.debian.org/debian-mentors/2008/04/msg00251.html
which Paul Wise advice me to contact to the security audit team to
review
my package xiterm+thai
I have no time auditing this bug one thing came to my mind
when I had a look in main.c:
1655 if ((display_name = getenv (DISPLAY)) == NULL)
1656 display_name = :0;
Please fix that code to print an error, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1692 and
According to
http://lists.debian.org/debian-mentors/2008/04/msg00251.html
which Paul Wise advice me to contact to the security audit team to
review
my package xiterm+thai (http://packages.qa.debian.org/x/xiterm%
2Bthai.html)
The issue is setuid/setgid that used in this package for the properly
3 matches
Mail list logo
