[566] in linux-security and linux-alert archive
Re: restorefont security hole
daemon@ATHENA.MIT.EDU (Michael Weller)
Mon Jan 15 17:52:47 1996
Date: Mon, 15 Jan 1996 21:57:10 +0100
From: Michael Weller <eowmob@exp-math.uni-essen.de>
To: linux-security@tarsier.cv.nrao.edu
Thx for reporting that one, however, have a look at the Readme's of
svgalib and see that Harm (hhanemaa@cs.ruu.nl) is away from the net and
I look after svgalib instead of him now.
Consider the problem fixed for the next release of svgalib (will be
1.2.10).
Let me add on as well, that svgalib is not really intended for security
sensitive systems. Even if there are not that many security problems
it can easily crash your system (and does for some bad behaved apps).
Simply: If you have to run a rock-solid, stable, and sensitive system:
Don't run svgalib on it. (at least not w/o double checking each
program (including tools) you run on it for stability).
Michael.
