Package: xfig Severity: important Tags: security Hi, please see https://bugzilla.redhat.com/show_bug.cgi?id=659676 for details and a patch. Please fix this for Squeeze.
The attack vector is fairly obscure, so we don't need a DSA for it, you could fix it through a point update, though: http://www.debian.org/doc/developers-reference/pkgs.html#upload-stable Cheers, Moritz -- System Information: Debian Release: squeeze/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Kernel: Linux 2.6.32-5-686 (SMP w/1 CPU core) Locale: LANG=C, lc_ctype=de_de.iso-8859...@euro (charmap=ISO-8859-15) Shell: /bin/sh linked to /bin/bash Versions of packages xfig depends on: ii libc6 2.11.2-7 Embedded GNU C Library: Shared lib ii libjpeg62 6b1-1 The Independent JPEG Group's JPEG ii libpng12-0 1.2.44-1 PNG library - runtime ii libx11-6 2:1.3.3-4 X11 client-side library ii libxi6 2:1.3-5 X11 Input extension library ii libxpm4 1:3.5.9-1 X11 pixmap library ii libxt6 1:1.0.7-1 X11 toolkit intrinsics library ii xaw3dg 1.5+E-18 Xaw3d widget set Versions of packages xfig recommends: pn transfig <none> (no description available) pn xfig-libs <none> (no description available) Versions of packages xfig suggests: pn cupsys-client | lpr <none> (no description available) ii ghostscript-x [gs] 8.71~dfsg2-6 The GPL Ghostscript PostScript/PDF ii gimp 2.6.11-1 The GNU Image Manipulation Program ii gs 8.64~dfsg-1.1 Transitional package pn gsfonts-x11 <none> (no description available) ii netpbm 2:10.0-12.2+b1 Graphics conversion tools between pn spell <none> (no description available) pn xfig-doc <none> (no description available) -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
