Bug#550440: advi: CVE-2009-2295 arbitrary code execution
Michael S Gilbert a écrit :
> Package: advi
> Version: 1.6.0-12
> Severity: serious
> Tags: security
>
> Hi,
>
> The following CVE (Common Vulnerabilities & Exposures) id was
> published for camlimages. advi statically links to camlimages, so any
> issues in that package are also applicable to advi. There were already
> updates to camlimages for etch an lenny, so advi just needs to be
> relinked using those new versions. Please coordinate these updates with
> the security team.
>
During last July, Thijs Kinkhorst had some problems to build correctly
build advi on etch because of the LaTeX bomb :)
I've no idea how to fix that issue but, at that time, Moritz Muehlenhoff
mentioned that the problem was fixed in oldstable-proposed and suggested
to use it as a workaround.
Has someone tried to build advi again on etch?
(CC-ing the security team to have more informations)
Cheers,
--
Mehdi Dogguy مهدي الدڤي
http://dogguy.org/
Reply to: