This is an automated email from the git hooks/post-receive script. x2go pushed a commit to tag 1.14.3.1 in repository vcxsrv. commit 1c038fd0033fc8ba7dcc6b306ce218640365ffbb Author: Mike DePaulo <mikedep333@gmail.com> Date: Sat Apr 5 12:03:22 2014 -0400 Fix CVE-2013-6462 (2014-01-07). The fix is included in upstream libXfont 1.4.7 . --- libXfont/src/bitmap/bdfread.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/libXfont/src/bitmap/bdfread.c b/libXfont/src/bitmap/bdfread.c index e2770dc..e11c5d2 100644 --- a/libXfont/src/bitmap/bdfread.c +++ b/libXfont/src/bitmap/bdfread.c @@ -338,7 +338,7 @@ bdfReadCharacters(FontFilePtr file, FontPtr pFont, bdfFileState *pState, char charName[100]; int ignore; - if (sscanf((char *) line, "STARTCHAR %s", charName) != 1) { + if (sscanf((char *) line, "STARTCHAR %99s", charName) != 1) { bdfError("bad character name in BDF file\n"); goto BAILOUT; /* bottom of function, free and return error */ } -- Alioth's /srv/git/code.x2go.org/vcxsrv.git//..//_hooks_/post-receive-email on /srv/git/code.x2go.org/vcxsrv.git