Package: nasm Severity: grave Version: 2.02-1 Tags: security patch Hi, the following CVE (Common Vulnerabilities & Exposures) id was published for nasm.
CVE-2008-2719[0]: | Off-by-one error in the ppscan function (preproc.c) in Netwide | Assembler (NASM) 2.02 allows context-dependent attackers to cause a | denial of service (crash) and possibly execute arbitrary code via a | crafted file that triggers a stack-based buffer overflow. If you fix the vulnerability please also make sure to include the CVE id in your changelog entry. Upstream patch: https://sourceforge.net/tracker/download.php?group_id=6208&atid=106208&file_id=274609&aid=1942146 Note, the description on the mitre site is not yet online but it will be the same as the above one. For further information see: [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2719 http://security-tracker.debian.net/tracker/CVE-2008-2719 -- Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF For security reasons, all text in this mail is double-rot13 encrypted.
pgpMa0gp1mrmN.pgp
Description: PGP signature
