On Thu, Nov 24, 2011 at 11:05:05AM +0900, NOKUBI Takatsugu wrote: > I wrote a DSA draft, check it please. > > BTW, JVN's workaround is not correct. There is also the same problem > in ChaSen 2.3.3. > > -- > DSA-xxxx-1 chasen -- buffer overflow > > Affected Packages: > libchasen2 > libchasen-dev > libtext-chasen-perl
Does that mean that the vulnerable code is also present in libtext-chasen-perl? Please prepare updated packages for stable-security. http://www.debian.org/doc/manuals/developers-reference/pkgs.html#bug-security You need to build the package with "-sa" Cheers, Moritz -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
