On Thu, 28 Apr 2005, Allan Lyons wrote:
> Package: ldapdiff
> Version: 0.9.2-1
> Severity: critical
> Tags: security fixed-upstream
>
> The change logs for ldapdiff report that a security hole in
> ldapdiff.conf path construction was fixed in version 1.1.1
>
> Upgrading to the current upstream version would both fix this security
> hole as well as other bugs according to the upstream change logs.

I just downloaded the sources of 1.1.0 and 1.1.1 and the diff shows that the upstream author fixed the handling of the "char *fname" in function ldifinitconf(), which was unsafe in 1.1.0.

But if you compare the contents of ldifinitconf() in 1.1.0, 1.1.1 and 0.9.2 (which is in Debian), you will notice that "fname" isn't used in 0.9.2 and I cannot see any other security problem in the string handling in this function in 0.9.2.

So I suggest closing this bug report, because the security bug which was fixed in 1.1.1 was introduced _after_ 0.9.2.

Tschoeeee

Roland