Hi, On Sat, Jan 17, 2009 at 12:05:02PM +0100, Kurt Roeckx wrote: > On Sun, Sep 23, 2007 at 01:56:15PM +0200, Nico Golde wrote: > > I wrote a patch which should fix the issue. It is attached. > > Kind regards > > > > + if(which > sizeof(hook_functions) - 1) > > + return NO_ACTION_TAKEN; > > + > > This patch looks wrong. You probably want: > if(which > sizeof(hook_functions)/sizeof(*hook_functions) - 1) > > Ubuntu seems to have used this patch, so I think they still > have that issue, and I'm not sure how to contact them. So > I hope Kees can look into this.
Thanks for the heads-up! Yeah, it looks like Ubuntu got the original patch. I will get it fixed up. (Feel free to email me, but if you want to reach Ubuntu security in general, you can use secur...@ubuntu.com.) -Kees -- Kees Cook @debian.org -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
