[Secure-testing-team] Bug#551918: Multiple DoS issues

Moritz Muehlenhoff jmm at debian.org
Wed Oct 21 19:34:25 UTC 2009


Package: systemtap
Severity: grave
Tags: security

Three denial of service issues were found in SystemTap. Lenny is
not affected. Please see 
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2009-2911 for
the verbose explanation by Red Hat's Jan Lieskovsky:

Patches are available here:
https://bugzilla.redhat.com/attachment.cgi?id=365293 (SystemTap-1.0-limit-printf-arguments.patch)
https://bugzilla.redhat.com/attachment.cgi?id=365294 (SystemTap-1.0-limit-dwarf-expression-stack-size.patch)
https://bugzilla.redhat.com/attachment.cgi?id=365413 (SystemTap-1.0-unwind-table-size-checks.patch)

Cheers,
        Moritz

-- System Information:
Debian Release: squeeze/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: i386 (i686)

Kernel: Linux 2.6.30-2-686 (SMP w/1 CPU core)
Locale: LANG=C, LC_CTYPE=de_DE.ISO-8859-15@euro (charmap=ISO-8859-15)
Shell: /bin/sh linked to /bin/bash

Versions of packages systemtap depends on:
ii  libc6                         2.9-27     GNU C Library: Shared libraries
ii  libelf1                       0.143-1    library to read and write ELF file
ii  libgcc1                       1:4.4.1-6  GCC support library
ii  libsqlite3-0                  3.6.18-1   SQLite 3 shared library
ii  libstdc++6                    4.4.1-6    The GNU Standard C++ Library v3
pn  systemtap-runtime             <none>     (no description available)

systemtap recommends no packages.

Versions of packages systemtap suggests:
pn  systemtap-doc                 <none>     (no description available)
pn  vim-addon-manager             <none>     (no description available)




