sthen
f6c9102d1a
updated patch from Rob Holland, his commentary: ...
"Andreas Tille, the Debian WordNet maintainer, noticed a bug in my
patch. The bug is not security related, but causes incorrect behaviour
in WordNet.
I replaced a strncpy(s1, s2, strlen(s2)) with a strcpy forgetting that
strncpy invoked that way would always omit the trailing \0 (as the \0
would always be at strlen(s2) + 1). This resulted in a truncation of
output from WordNet which relied on the previous behavior which it
used to 'patch' s1. I've now adjusted the strncpy to be a memcpy and
added a comment, to make the intent of the code clear. (Using a str*
function when you don't wish any handling of \0 is unintuitive to me,
hence my mistake). [..] Apologies for the error."
thanks Rob for the exemplary handling of this advisory. Notifications
to package maintainers and follow-ups are almost unheard-of and very
welcome.
2008-09-06 21:49:15 +00:00
2007-09-15 23:54:16 +00:00
2007-10-26 22:00:31 +00:00
2007-09-15 23:54:16 +00:00
2007-09-15 23:54:16 +00:00
2007-09-15 23:54:16 +00:00
2007-09-15 23:54:16 +00:00
2008-01-04 17:48:33 +00:00
2007-07-30 15:30:26 +00:00
2007-09-15 23:54:16 +00:00
2007-09-15 23:54:16 +00:00
2007-09-15 23:54:16 +00:00
2007-09-15 23:54:16 +00:00
2008-07-04 11:18:28 +00:00
2008-07-04 11:12:53 +00:00
2007-09-15 23:54:16 +00:00
2008-02-01 20:26:42 +00:00
2008-06-30 12:58:04 +00:00
2007-10-07 09:42:03 +00:00
2007-10-27 07:38:13 +00:00
2008-04-22 20:52:49 +00:00
2008-07-22 08:17:52 +00:00
2007-09-15 23:54:16 +00:00
2007-09-15 23:54:16 +00:00
2007-09-15 23:54:16 +00:00
2007-09-15 23:54:16 +00:00
2007-11-14 09:43:39 +00:00
2007-09-15 23:54:16 +00:00
2007-09-15 23:54:16 +00:00
2008-08-19 22:17:49 +00:00
2008-06-14 15:49:21 +00:00
2008-01-04 17:48:33 +00:00
2008-07-25 20:25:59 +00:00
2008-06-09 15:45:28 +00:00
2007-10-08 08:22:38 +00:00
2007-11-21 14:30:35 +00:00
2007-09-15 23:54:16 +00:00
2008-08-20 15:45:24 +00:00
2007-11-14 09:43:39 +00:00
2007-07-04 09:24:21 +00:00
2007-07-16 15:41:35 +00:00
2008-06-05 00:53:22 +00:00
2007-11-14 09:43:39 +00:00
2007-09-15 23:54:16 +00:00
2007-12-27 17:42:50 +00:00
2007-09-15 23:54:16 +00:00
2007-09-15 23:54:16 +00:00
2008-01-04 17:48:33 +00:00
2007-09-15 23:54:16 +00:00
2008-09-01 08:51:03 +00:00
2008-01-25 10:38:27 +00:00
2007-09-15 23:54:16 +00:00
2007-09-15 23:54:16 +00:00
2008-07-16 12:38:41 +00:00
2008-01-13 18:53:44 +00:00
2008-07-12 14:12:10 +00:00
2007-09-15 23:54:16 +00:00
2007-09-15 23:54:16 +00:00
2007-10-10 14:46:05 +00:00
2007-09-15 23:54:16 +00:00
2008-08-22 20:18:22 +00:00
2008-01-04 17:48:33 +00:00
2007-09-15 23:54:16 +00:00
2007-09-15 23:54:16 +00:00
2008-06-21 19:39:04 +00:00
2007-10-08 08:22:38 +00:00
2008-05-11 19:41:20 +00:00
2008-01-03 21:51:54 +00:00
2008-05-14 20:03:47 +00:00
2008-08-20 00:06:20 +00:00
2007-09-15 23:54:16 +00:00
2007-09-01 20:11:21 +00:00
2007-09-15 23:54:16 +00:00
2008-07-28 11:44:17 +00:00
2007-09-16 20:58:19 +00:00
2008-04-11 22:19:36 +00:00
2007-10-26 22:00:31 +00:00
2007-09-15 23:54:16 +00:00
2007-09-15 23:54:16 +00:00
2008-08-20 14:57:57 +00:00
2008-05-15 18:47:48 +00:00
2007-09-15 23:54:16 +00:00
2007-10-26 22:00:31 +00:00
2007-05-31 03:15:50 +00:00
2007-09-15 23:54:16 +00:00
2007-09-15 23:54:16 +00:00
2008-03-30 22:08:30 +00:00
2008-09-06 21:49:15 +00:00
2008-06-05 00:53:22 +00:00
2007-09-15 23:54:16 +00:00
2007-09-15 23:54:16 +00:00
2007-11-14 09:43:39 +00:00
2007-11-14 09:43:39 +00:00
2008-01-04 17:48:33 +00:00
2007-11-14 09:43:39 +00:00
2007-11-14 09:43:39 +00:00
2007-09-15 23:54:16 +00:00
2008-07-01 10:10:24 +00:00
2008-07-09 11:22:02 +00:00
f6c9102d1a