[VIM] Vendor ACK and version corrections for gxine (CAN-2005-1692)

security curmudgeon jericho at attrition.org
Sat May 28 05:43:44 EDT 2005

: In addition, the changelog makes it clear that there is vendor
: acknowledgement:
:   http://cvs.sourceforge.net/viewcvs.py/xine/gnome-xine/ChangeLog?rev=HEAD&content-type=text/vnd.viewcvs-markup
: An item for 0.4.5 says "SECURITY FIX (pst.advisory 2005-21) 
: Remotely-exploitable missing-format-string vulnerability in some message 
: dialogue boxes."

Also of interest:

  + [SECURITY] fix a buffer overflow in the HTTP fetch code

0.4.0 was released 2004-12-11

More information about the VIM mailing list