From: Tomoaki O. <ok...@so...> - 2007-10-20 07:26:54
|
Hello, I found a buffer overflow vulnerability of t1lib5, i.e. CVE-2007-4033. Reference: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4033 The patch for this problem is included in http://security.ubuntu.com/ubuntu/pool/main/t/t1lib/t1lib_5.1.0-3.diff.gz . $ gzip -dc t1lib_5.1.0-3.diff.gz | sed -ne '45,59p' > CVE-2007-4033.patch is an example command to get the patch. Please apply it to t1lib5 in 10.3/unstable and 10.4/unstable. Thanks, Tomoaki Okayama |