[Secure-testing-team] Bug#528778: eggdrop: incomplete patch for CVE-2007-2807

Nico Golde nion at debian.org
Fri May 15 18:52:49 UTC 2009


Hi,
* Michael S. Gilbert <michael.s.gilbert at gmail.com> [2009-05-15 19:45]:
> On Fri, 15 May 2009 14:18:26 +0200, Nico Golde wrote:
[...] 
> > turns out my patch has a bug in it which opens this up for a
> > buffer overflow again in case strlen(ctcpbuf) returns 0:
> > http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/68341
> > 
> > 
> > Too bad no one noticed that before.
> > I am going to upload a 0-day NMU now to fix this.
> > 
> > debdiff available on:
> > http://people.debian.org/~nion/nmu-diff/eggdrop-1.6.19-1.1_1.6.19-1.2.patch
> > 
> > (includes the wrong bug number to close as I tried to reopen it first but it failed because it was already archived).
> 
> does this mean that DSA-1448 needs to be reissued?

Yes

> and is that in the works?

No

> should the etch fixed version get removed from the DSA 
> list to reindicate that etch is vulnerable?

No, there will be a -2 DSA if any that reflects the previous 
fix being incomplete.

Cheers
Nico
P.S. this belongs on the testing-security team mailing list 
and not to the BTS.

-- 
Nico Golde - http://www.ngolde.de - nion at jabber.ccc.de - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.