Package: libhx Severity: grave Tags: security The following was posted to oss-security and has been assigned CVE-2010-2947:
--- http://libhx.git.sourceforge.net/git/gitweb.cgi?p=libhx/libhx;a=commitdiff;h=904a46f90dd3f046bfac0b64a5e813d7cd4fca59 string: fixed buffer overflow in HX_split when too few fields are present Jan Engelhardt [Mon, 16 Aug 2010 17:08:51 +0000 (19:08 +0200)] When HX_split is called with a maximum number of desired fields (4th argument != 0), passing in a string that has less fields than that led to a buffer overrun (write beyond end of malloc'd area). -- Please check whether stable is affected. Cheers, Moritz -- System Information: Debian Release: squeeze/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Kernel: Linux 2.6.32-5-686 (SMP w/1 CPU core) Locale: LANG=C, lc_ctype=de_de.iso-8859...@euro (charmap=ISO-8859-15) Shell: /bin/sh linked to /bin/bash -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
