found 465643 1.96.3-1 found 465643 1.97.8-1 thanks On Wed, Feb 13, 2008 at 06:00:52PM +0100, Nico Golde wrote: > Package: tintin++ > Version: 1.97.9-1 > Severity: grave > Tags: security > > Hi, > the following CVE (Common Vulnerabilities & Exposures) ids were > published for tintin++. > > CVE-2008-0673[0]: > | TinTin++ 1.97.9 and WinTin++ 1.97.9 open files on the basis of an > | inbound file-transfer request, before the user has an opportunity to > | decline the request, which allows remote attackers to truncate > | arbitrary files in the top level of a home directory. > > CVE-2008-0672[1]: > | The process_chat_input function in TinTin++ 1.97.9 and WinTin++ 1.97.9 > | allows remote attackers to cause a denial of service (application > | crash) via a YES message without a newline character, which triggers a > | NULL dereference. >
At least this one is stable and testing. > CVE-2008-0671[2]: > | Stack-based buffer overflow in the add_line_buffer function in > | TinTin++ 1.97.9 and WinTin++ 1.97.9 allows remote attackers to execute > | arbitrary code via a long chat message, related to conversion from LF > | to CRLF. > ... I will be in VAC without reliable internet access from tomorrow. So if this problem gets a patch from this 3 problems and somebody wants to NMU it, it is welcome. If you are a user of tintin++, as temporal solution you should not use #chat until this problem is patched. Ana -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
