kde 4.4.80-1 & 4.4.85
Kevin Kofler
kevin.kofler at chello.at
Fri Jun 18 22:20:01 UTC 2010
Thomas Janssen wrote:
> Ah, thanks. I did just recall the stream analyzer problem, but didn't
> know what exactly happened. That explains it.
Of course, the fact that the GZip analyzer crashed on the (from its POV)
invalid input is a bad sign, this appears to be a DoS vulnerability or
worse.
Strigi analyzers seem quite crash-prone to me, not very confidence-inspiring
for something which can run on untrusted (e.g. downloaded from some web
page) files.
Kevin Kofler
More information about the kde
mailing list