[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Gnash-dev] is CVE-2007-2500 fixed in gnash HEAD?
From: |
strk |
Subject: |
Re: [Gnash-dev] is CVE-2007-2500 fixed in gnash HEAD? |
Date: |
Wed, 9 May 2007 12:02:44 +0200 |
On Wed, May 09, 2007 at 10:07:50AM +0200, Patrice Dumas wrote:
> Hello,
>
> I have been notified that there was a security vulnerability in gnash
> 7.2:
> http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2500
>
> Is it fixed in HEAD? Is there a patch lying around for that issue?
Yep, should be fixed, see:
https://savannah.gnu.org/bugs/?19774
Having a file to test would help.
See http://www.gnashdev.org/wiki/index.php/Reference#Testing_tools
if you want to try finding robustness problems in Gnash. It should
be an interesting task...
(http://sam.zoy.org/zzuf/ deterministic spurious input provider tool)
--strk;