[Secure-testing-team] Bug#548198: CVE-2009-2905: buffer overflow
Steffen Joeris
steffen.joeris at skolelinux.de
Thu Sep 24 12:55:57 UTC 2009
Package: newt
Severity: grave
Tags: security patch
Hi
There is a buffer overflow in textbox.c. This issue is CVE-2009-2905.
In textbox.c the following patch has been applied.
- result = malloc(strlen(text) + (strlen(text) / width) + 2);
+ result = malloc(strlen(text) + (strlen(text) / (width - 1)) + 2);
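Review bot: The new divisor `(width - 1)` on the `+` line is zero when `width` is 1 and negative when `width` is below 1, and nothing in the visible lines guards against that, so the size computation itself can fault or yield a nonsensical allocation size. Suggest rejecting or clamping `width` to at least 2 before this line. It would also help to add a short comment saying why the worst case is one extra byte per `width - 1` characters rather than per `width`, so the sizing assumption stays tied to the wrapping code it protects, and to compute `strlen(text)` once into a `size_t` so both terms use the same value.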
Cheers
Steffen