This is the mail archive of the
cygwin-apps
mailing list for the Cygwin project.
SECURITY: typespeed (CVE-2006-1515)
- From: "Yaakov S (Cygwin Ports)" <yselkowitz at users dot sourceforge dot net>
- To: cygwin-apps at cygwin dot com
- Date: Mon, 19 Jun 2006 15:52:14 -0500
- Subject: SECURITY: typespeed (CVE-2006-1515)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
A buffer overflow has been discovered in the addnewword() function of
Typespeed's network code.
Workaround: Don't run typespeed in multiplayer mode.
Solution: Upgrade to >= 0.5.1. (0.5.0 fixed the security bug, but
introduced some functionality bugs fixed in 0.5.1.)
More information:
http://security.gentoo.org/glsa/glsa-200606-20.xml
http://bugs.gentoo.org/show_bug.cgi?id=135071
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1515
Yaakov
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.1 (Cygwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFElw5+piWmPGlmQSMRAkUtAJwKqWWpoTJGGrx/1UN6pQ7akZYvoQCghifc
RxjBwGdU+dLXo4vXo62rk9I=
=pZ7E
-----END PGP SIGNATURE-----