From de22b583fce6f1e799ee45c3822966d76704772d Mon Sep 17 00:00:00 2001
From: Aldas Nabazas <aldas@opensde.net>
Date: Thu, 7 Aug 2008 19:46:06 +0200
Subject: [PATCH] pan: Updated (0.125 -> 0.133) : SECURITY - HIGH

CVE-2008-2363 (High) :
The PartsBatch class in Pan 0.132 and earlier does not properly manage the data structures for
Parts batches, which allows remote attackers to cause a denial of service (application crash)
and possibly execute arbitrary code via a crafted .nzb file that triggers a heap-based buffer
overflow.
---
 gnome2/pan/pan.desc | 7 +++----
 1 file changed, 3 insertions(+), 4 deletions(-)

diff --git a/gnome2/pan/pan.desc b/gnome2/pan/pan.desc
index f4f0c9cc7..00075de85 100644
--- a/gnome2/pan/pan.desc
+++ b/gnome2/pan/pan.desc
@@ -1,9 +1,8 @@
-
 [COPY] --- SDE-COPYRIGHT-NOTE-BEGIN ---
 [COPY] This copyright note is auto-generated by ./scripts/Create-CopyPatch.
 [COPY]
 [COPY] Filename: package/.../pan/pan.desc
-[COPY] Copyright (C) 2006 - 2007 The OpenSDE Project
+[COPY] Copyright (C) 2006 - 2008 The OpenSDE Project
 [COPY] Copyright (C) 2004 - 2006 The T2 SDE Project
 [COPY] Copyright (C) 1998 - 2004 Clifford Wolf
 [COPY]
@@ -31,11 +30,11 @@
 
 [L] GPL
 [S] Beta
-[V] 0.125
+[V] 0.133
 [P] X -----5---9 158.600
 
 [CV-URL] http://pan.rebelbase.com/download/releases/
 
 [O] . $base/package/*/*/gnome2-conf.in
 
-[D] 1691134956 pan-0.125.tar.bz2 http://pan.rebelbase.com/download/releases/0.125/source/
+[D] 262276793 pan-0.133.tar.bz2 http://pan.rebelbase.com/download/releases/0.133/source/