Package: wordnet Severity: grave Tags: security Justification: user security hole
Hi The following CVE(0) has been issued against wordnet. CVE-2008-2149: Stack-based buffer overflow in the searchwn function in Wordnet 2.0, 2.1, and 3.0 might allow context-dependent attackers to execute arbitrary code via a long command line option. NOTE: this issue probably does not cross privilege boundaries except in cases in which Wordnet is used as a back end. More information can be found in the gentoo bugreport(1). I filled it as an RC bug, because wordnet is sometimes used as a backend for web applications Please mention the CVE id in your changelog, when you fix this bug. Cheers Steffen (0): http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2149 (1): https://bugs.gentoo.org/show_bug.cgi?id=211491 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
