[maemo-developers] [maemo-developers] IMPORTANT: vulnerability in Application Manager, please check your repositories
From: Andrew Flegg andrew at bleb.orgDate: Wed Oct 25 18:01:11 EEST 2006
- Previous message: [maemo-developers] IMPORTANT: vulnerability in Application Manager, please check your repositories
- Next message: [maemo-developers] IMPORTANT: vulnerability in Application Manager, please check your repositories
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On 10/25/06, Marius Vollmer <marius.vollmer at nokia.com> wrote: > > this is embarrassing: there is a buffer overflow in the Application > Manager that is triggered when dealing with package icons that are > larger than 2048 bytes after base64 decoding. Oops. Thanks for the disclosure. > The bug is present in all versions of osso-appliction-manager less > than 4.36, except 4.22.1. Version 4.36 will appear in Sardine > soonish, and 4.22.1 will be in the next maintenance release of IT > 2006. > [snip] This now brings the question of an end-user roadmap back to the fore with a vengenance. To put it bluntly, how long is Nokia going to leave end users vulnerable to possible attacks? When *is* the next maintenance release of IT 2006? Cheers, Andrew -- Andrew Flegg -- mailto:andrew at bleb.org | http://www.bleb.org/
- Previous message: [maemo-developers] IMPORTANT: vulnerability in Application Manager, please check your repositories
- Next message: [maemo-developers] IMPORTANT: vulnerability in Application Manager, please check your repositories
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]