Bug#387627: [pkg-ntp-maintainers] Bug#387627: ntp: off-by-one mistake
Kurt Roeckx
kurt at roeckx.be
Fri Sep 15 16:52:14 UTC 2006
severity 387627 minor
thanks
On Fri, Sep 15, 2006 at 03:58:08PM +0200, Marc Dequènes wrote:
>
> Package: ntp
> Version: 4.2.2+dfsg.2-1
> Severity: grave
> Tags: patch
>
>
> Coin,
>
> In the included getnameinfo() compatibility function, an off-by-one may
> lead to memory corruption and even security issues. A patch is attached.
This function isn't used in Debian, since it uses the glibc version of
getnameinfo().
But I'll forward it upstream.
Kurt
More information about the pkg-ntp-maintainers
mailing list