[VIM] LaTeX2rtf vendor acknowledgement (Sep 2004)
Steven M. Christey
coley at mitre.org
Thu Jun 16 18:12:40 EDT 2005
The expandmacro() buffer overflow in LaTeX2rtf 1.9.15 was addressed by
the vendor.
http://cvs.sourceforge.net/viewcvs.py/latex2rtf/latex2rtf/definitions.c?rev=1.22&view=log
The "Sat Oct 2 18:31:00 2004" entry says "avoid buffer overruns in
macro expansion that can be security holes reported by
D. J. Bernstein".
(CVE candidate pending. Cross-refs: BID:11233, SECTRACK:1011367,
OSVDB:10216, XF:latex2rtf-expandmacro-bo(17460))
- Steve
More information about the VIM
mailing list