-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.7 Date: Wed, 6 Jul 2005 11:59:16 +0000 Source: gedit Binary: gedit-dev gedit-common gedit Architecture: source i386 all Version: 2.8.3-4sarge1 Distribution: stable-security Urgency: high Maintainer: Loic Minier <lool@dooz.org> Changed-By: Steve Kemp <skx@debian.org> Description: gedit - light-weight text editor gedit-common - light-weight text editor support files gedit-dev - light-weight text editor Changes: gedit (2.8.3-4sarge1) stable-security; urgency=high . * Non-maintainer upload by The Security Team. * Fix format string vulnerabilities in calls to gtk_message_dialog_new(), which is possibly remotely exploitable via specially crafted file names or URLs. References: - CVE: CAN-2005-1686, <http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1686> - GNOME bug report: <http://bugzilla.gnome.org/show_bug.cgi?id=306800> Files: 99c4beadcf902ee5857c7a3150f4d0ad 1848 gnome optional gedit_2.8.3-4sarge1.dsc cbbd5999141d6de932a0afdd55f1aa35 4051445 gnome optional gedit_2.8.3.orig.tar.gz 96de2c7d0d757d867f46d36490e0ee92 54443 gnome optional gedit_2.8.3-4sarge1.diff.gz d8519b91f1a8aeba351b1eca19c17712 1826070 gnome optional gedit-common_2.8.3-4sarge1_all.deb 01d42b323e7ffdd2a6aba454996a5a48 44346 devel optional gedit-dev_2.8.3-4sarge1_all.deb 7162c0ac1f1a7ccd2a315d5b4f01f5d2 470122 gnome optional gedit_2.8.3-4sarge1_i386.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (GNU/Linux) iD8DBQFCy7vtwM/Gs81MDZ0RAvP5AKDdtYVRRxAcBc6XjN5JVWa9DEvIsQCdE73w y8c6Rh4qDEeINhXHBvvWR9E= =I/VY -----END PGP SIGNATURE----- Accepted: gedit-common_2.8.3-4sarge1_all.deb to pool/main/g/gedit/gedit-common_2.8.3-4sarge1_all.deb gedit-dev_2.8.3-4sarge1_all.deb to pool/main/g/gedit/gedit-dev_2.8.3-4sarge1_all.deb gedit_2.8.3-4sarge1.diff.gz to pool/main/g/gedit/gedit_2.8.3-4sarge1.diff.gz gedit_2.8.3-4sarge1.dsc to pool/main/g/gedit/gedit_2.8.3-4sarge1.dsc gedit_2.8.3-4sarge1_i386.deb to pool/main/g/gedit/gedit_2.8.3-4sarge1_i386.deb -- To UNSUBSCRIBE, email to debian-testing-changes-request@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org