Package: gmime2.4 Version: 2.4.14-1 Severity: grave Tags: security Justification: user security hole
Buffer overflow in the GMIME_UUENCODE_LEN macro in gmime/gmime-encodings.h in GMime before 2.4.15 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via input data for a uuencode operation. http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0409 gmime 2.4.15 fixes it. Stable is not affected as gmime2.4 doesn't exist there, and there's #568291 for gmime2.2 (which exists in stable). Cheers, Emilio -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
