-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Thu, 15 May 2008 14:20:57 +0200 Source: wordnet Binary: wordnet wordnet-dev wordnet-base wordnet-sense-index wordnet-grind dict-wn Architecture: source all i386 Version: 1:3.0-10 Distribution: unstable Urgency: high Maintainer: Andreas Tille <tille@debian.org> Changed-By: Andreas Tille <tille@debian.org> Description: dict-wn - electronic lexical database of English language for dict wordnet - electronic lexical database of English language wordnet-base - electronic lexical database of English language wordnet-dev - electronic lexical database of English language wordnet-grind - WordNet lexicographer files processor wordnet-sense-index - electronic lexical database of English language Closes: 481186 Changes: wordnet (1:3.0-10) unstable; urgency=high . * Fix CVE-2008-2149: buffer overflows by limiting the length of the string in sprintf format string Closes: #481186 Please note: The WordNet code contains several other occurences of potentially exploitable functions like strcpy()/strcat()/... and so even if there are no known exploits the code needs a full security audit. * Mentioned the potential security issues in README.Debian Checksums-Sha1: 877fca56c3ac4b217cdf55f89c56b14798bfd107 1227 wordnet_3.0-10.dsc ff8507333e165283a960ac769db62fb4e1ba0e16 68038 wordnet_3.0-10.diff.gz e7e671b1abce7422d9aaf6296ad1d9730fefdaee 8759496 wordnet-base_3.0-10_all.deb a82a66c017d26ea50cfad2acbec5886e855ce414 2241376 wordnet-sense-index_3.0-10_all.deb 15c9f9224731f2e3d89caf6e63deda14c2f82204 10893236 dict-wn_3.0-10_all.deb 87570974f02f518e8ebd4c5d7554c270d06c1102 104074 wordnet_3.0-10_i386.deb 9110e4fbf5a30176d3625edcb33f4d808ad666a4 61316 wordnet-dev_3.0-10_i386.deb 15c59c768d15e389f843d1ef5710d2b420afd3ef 40916 wordnet-grind_3.0-10_i386.deb Checksums-Sha256: 3f35eec4645acbf0ed87c9704dd4b27be24d3c6deb9f82974ef6cc462a21919a 1227 wordnet_3.0-10.dsc 3c2f1c1e15f4eb54ec39315e9bf2327d7ca61711baf15d949183ddcece297c9f 68038 wordnet_3.0-10.diff.gz 9bc884b844dd5ea3de93ee3171a7334dc8e2fba9417feabed7277694bd2de1d8 8759496 wordnet-base_3.0-10_all.deb 39e996e1a2ce90f7683e121bd24356051d3f575dd87e2e016d7a95712d26616f 2241376 wordnet-sense-index_3.0-10_all.deb 71634b25150b035bb407d1f97f3ad17ac59c0119a2460774b01d2c23a74e4f45 10893236 dict-wn_3.0-10_all.deb f16458352bf0b1565d0afafc0d7e24805241eb74661a3e4630a5c4b06094bf1a 104074 wordnet_3.0-10_i386.deb 3a9452beb9541f3165dea3dcfe4936a0811804666ac04406d8b0bf4283ce68c6 61316 wordnet-dev_3.0-10_i386.deb 529fd03362227a2095070178e9766104c7e206eaa2d03c6c285359363bb96289 40916 wordnet-grind_3.0-10_i386.deb Files: 10934dc8536f76c16402a05849db7c9e 1227 text optional wordnet_3.0-10.dsc 108ca9c7c738fe7c6a8d63b9757c61d4 68038 text optional wordnet_3.0-10.diff.gz 57a88da8a5e291637a7aafabb8045ea7 8759496 text optional wordnet-base_3.0-10_all.deb 685e2aa8e2adfd5f1ecc26177ca0368e 2241376 text extra wordnet-sense-index_3.0-10_all.deb 8ba0754d8442541279e65971dfd84cd4 10893236 text optional dict-wn_3.0-10_all.deb 3085204765ee84c6a4af4c49fbc9e151 104074 text optional wordnet_3.0-10_i386.deb d12a8a6f02206b0cf2576a892c39bf6c 61316 devel optional wordnet-dev_3.0-10_i386.deb f10c10a5aa4bdaba562ab878b9b735cb 40916 text extra wordnet-grind_3.0-10_i386.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFILYKMYDBbMcCf01oRAmMhAJ9MQsn1aS6VDXip9DrSnx4ZbYFsUgCgjs5Q S9FCFUewXCGKXLmCu1ujLkI= =f7fq -----END PGP SIGNATURE----- Accepted: dict-wn_3.0-10_all.deb to pool/main/w/wordnet/dict-wn_3.0-10_all.deb wordnet-base_3.0-10_all.deb to pool/main/w/wordnet/wordnet-base_3.0-10_all.deb wordnet-dev_3.0-10_i386.deb to pool/main/w/wordnet/wordnet-dev_3.0-10_i386.deb wordnet-grind_3.0-10_i386.deb to pool/main/w/wordnet/wordnet-grind_3.0-10_i386.deb wordnet-sense-index_3.0-10_all.deb to pool/main/w/wordnet/wordnet-sense-index_3.0-10_all.deb wordnet_3.0-10.diff.gz to pool/main/w/wordnet/wordnet_3.0-10.diff.gz wordnet_3.0-10.dsc to pool/main/w/wordnet/wordnet_3.0-10.dsc wordnet_3.0-10_i386.deb to pool/main/w/wordnet/wordnet_3.0-10_i386.deb