Home page logo
/

oss-sec logo oss-sec mailing list archives

Re: gnusound 0.7.5 file name handling format string issue
From: Kurt Seifried <kseifried () redhat com>
Date: Mon, 30 Jan 2012 19:29:18 -0700

On 01/30/2012 07:26 PM, Kurt Seifried wrote:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=654270#24

Package: gnusound
Version: 0.7.5-3
Severity: serious

which was the last release in 2008.

diff --git a/src/gtk2/gui_dialogs.c b/src/gtk2/gui_dialogs.c
index e85cf88..540e67a 100644
--- a/src/gtk2/gui_dialogs.c
+++ b/src/gtk2/gui_dialogs.c
@@ -56,6 +56,7 @@ gui_yes_no(const char *title,
                                     GTK_DIALOG_MODAL,
                                     GTK_MESSAGE_QUESTION,
                                     GTK_BUTTONS_YES_NO,
+                                    "%s",
                                     message);
     button = gtk_dialog_run(GTK_DIALOG(dialog));
     switch(button) {
@@ -95,6 +96,7 @@ gui_alert(const char *format,
                                     GTK_DIALOG_MODAL,
                                     GTK_MESSAGE_INFO,
                                     GTK_BUTTONS_CLOSE,
+                                    "%s",
                                     wordwrap(message, 60));
     gtk_dialog_run(GTK_DIALOG(dialog));
     gtk_widget_destroy(dialog);



Please use CVE-2012-0824 for this issue.


-- 
Kurt Seifried Red Hat Security Response Team (SRT)


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]