Six more + gpsd: msg#00023

Download Firefox: Windows, Mac OS X

Six more + gpsd: msg#00023

Subject:	Six more + gpsd

Hello,

I have a bunch of new Debian bugs:

http://bugs.debian.org/290822 (billard-gl)
http://bugs.debian.org/291613 (xshisen again.. aaarghh!)
http://bugs.debian.org/291620 (ltris)
http://bugs.debian.org/291635 (man2html)
http://bugs.debian.org/292263 (scummvm)
http://bugs.debian.org/292264 (penguin-command)

I can officially say that  fscanf(fp, "%s", buf);  has
replaced  sprintf(buf, "%s/blah", getenv("HOME"));  as
my biggest hate object.

Joey Hess has found even more security problems with xshisen
(#292065), so people are debating removing the gid-ness from
that nice game.

KF found my format string bug in gpsd (#292370)! I can't prove
it, but I really found that bug too some time ago. I meant to
audit the rest of gpsd (bad idea?), but I didn't for some
reason, and now he's found it too and made it public. Oh well.

-- 
Ulf Harnhammar
http://www.advogato.org/person/metaur/

Special educational offers, white papers, webcasts, podcasts

WEBCAST: Register for “The Business Benefits of Enterprise Mashups” (Case Study)

WEBCAST: How to deploy and use WebSphere and VMware together” (Case Study)

WHITE PAPER: Writing Good Software Systems Development Use Cases. (Best Practices)

WHITE PAPER: Best practices for software analysis (Best Practices)

DOWNLOAD: Regis ter for Rational Trial Software Download – Rational Team Concert Free Information

<Prev in Thread]	Current Thread	[Next in Thread>

Previous by Date:	DSA-650-1: diatheke/sword arbitrary command execution, Ulf Härnhammar
Next by Date:	A few more bugs published in the web pages, Javier Fernández-Sanguino Peña
Previous by Thread:	DSA-650-1: diatheke/sword arbitrary command execution, Ulf Härnhammar
Next by Thread:	Re: Six more + gpsd, Steve Kemp
Indexes:	[Date] [Thread] [Top] [All Lists]

^^^ ADDITIONAL NAVIGATION ^^^

Recently Viewed:
text.xml.rpc.sp... handhelds.maemo... sports.autoraci... linux.debian.ap... xfree86.expert/... file-systems.op... ietf.ediint/199... bbc.cvs/2003-02... apache.maven.no... java.appfuse.us... web.zope.genera... gnu.libtool.cvs... debian.devel.gl... python.lxml.dev... multimedia.matr... kde.events/2006... education.class... redhat.rpm.atrp... user-groups.lin... yellowdog.gener... culture.languag... video.blender.d... org.user-groups... network.samba.j...

Home | blog view, Court Document Archive | USPTO Patent Archive (NEW!) | advertise | OSDir is an inevitable website. super tiny logo