On Sat, Jun 4, 2011 at 6:50 AM, Daniel Macks <dmacks@...2516...> wrote:
On Fri, 3 Jun 2011 13:49:23 -0700, Josh Andler wrote: Hey all,
Apparently there is an exploit in the gtk we ship with 0.48.1. Given that the recently updated devlibs required modifying trunk to compile, it seems logical to just ship out the fixes that have landed in the 0.48 branch since .1 was released.
Do you have a link for this exploit? Trying to decide how to prioritize pushing this update when it's released (and also see if any other things with "their own" libgtk have an affected version).
As far as I know, it is not reported publicly at this point and the information was emailed to me. The information I can readily share is that it was known to be present in the copy of GTK+ 2.16.6 that we shipped with Inkscape 0.48.0 and Inkscape 0.48.1 and not present in the one that GIMP 2.6.11 ships, so it was fixed along the way.
Cheers, Josh