*** This bug is a security vulnerability *** Public security bug reported:
Binary package hint: vinagre There's a security issue in Vinagre, where a user could cause a string format attack. These are the relevant upstream commits: http://svn.gnome.org/viewvc/vinagre?view=revision&revision=528 (for hardy) http://svn.gnome.org/viewvc/vinagre?view=revision&revision=525 (for intrepid and jaunty) The problem is in src/vinagre-utils.c @ vinagre_utils_show_error, which is used in vinagre-commands.c @ vinagre_cmd_machine_open via vinagre_utils_show_many_errors. The affected releases are Hardy, Intrepid and Jaunty. Thanks Kees and James for your help! ** Affects: vinagre (Ubuntu) Importance: High Status: Triaged ** Affects: vinagre (Ubuntu Hardy) Importance: Undecided Status: New ** Affects: vinagre (Ubuntu Intrepid) Importance: Undecided Status: New ** Visibility changed to: Public ** Changed in: vinagre (Ubuntu) Importance: Undecided => High Status: New => Triaged -- Possible string format attack https://bugs.launchpad.net/bugs/305623 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
