Subject: stardict broadcasts clipboard context over network
Package: stardict
Version: 3.0.1-4.1
Justification: user security hole
Severity: grave
Tags: security
*** Please type your report below this line***
In default config "enable net dict" is selected, it attempts to grab
clipboard and sends it over network⦠Unfortunately, not nearly all
data in clipboard are meant for translation, and some may be pretty
sensitive.
β System Information:
Debian Release: squeeze/sid
APT prefers testing
APT policy: (500, 'testing')
Architecture: i386 (i686)
Kernel: Linux 2.6.30 (SMP w/2 CPU cores)
Locale: LANG=C, LC_CTYPE=cs_CZ (charmap=ISO-8859-2)
Shell: /bin/sh linked to /bin/bash
Versions of packages stardict depends on:
ii stardict-gnome 3.0.1-4.1 International dictionary
for GNOME
stardict recommends no packages.
stardict suggests no packages.
β no debconf information
β
(english) http://www.livejournal.com/~pavelmachek
(cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html