Another buffer overflow was discovered in xbl, distinct from the one
addressed in DSA-327 (CAN-2003-0451), involving the
-display
command
line option. This vulnerability could be exploited by a local
attacker to gain gid ‘games’.
For the stable distribution (woody) this problem has been fixed in
version 1.0k-3woody2.
For the unstable distribution (sid) this problem is fixed in version
1.0k-6.
We recommend that you update your xbl package.