[ Please CC me, I'm not subscribed ] Hi folks, There's an string format attack exploit in Vinagre. I cherry-picked the fix from upstream and it's already been uploaded to unstable: http://lists.debian.org/debian-devel-changes/2008/12/msg00267.html These are the relevant commits to the upstream SVN repo, and the two releases that were made: http://svn.gnome.org/viewvc/vinagre?view=revision&revision=525 http://svn.gnome.org/viewvc/vinagre?view=revision&revision=528 http://mail.gnome.org/archives/ftp-release-list/2008-December/msg00051.html http://mail.gnome.org/archives/ftp-release-list/2008-December/msg00050.html Also, I'm preparing updates for Ubuntu, here's the relevant bug report: https://launchpad.net/bugs/305623 Release Team, please unblock the package so that the fix is included in Lenny. Thanks, Emilio
Attachment:
signature.asc
Description: OpenPGP digital signature