Package: cscope Severity: grave Tags: security Hi, the following CVE (Common Vulnerabilities & Exposures) id was published for cscope.
CVE-2009-0148[0]: | Multiple buffer overflows in Cscope before 15.7a allow remote | attackers to execute arbitrary code via long strings in input such as | (1) source-code tokens and (2) pathnames, related to integer overflows | in some cases. NOTE: this issue exists because of an incomplete fix | for CVE-2004-2541. If you fix the vulnerability please also make sure to include the CVE id in your changelog entry. For further information see: [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0148 http://security-tracker.debian.net/tracker/CVE-2009-0148 -- Nico Golde - http://www.ngolde.de - n...@jabber.ccc.de - GPG: 0x73647CFF For security reasons, all text in this mail is double-rot13 encrypted.
pgpcO79xhFgkS.pgp
Description: PGP signature
