Your message dated Sun, 20 Nov 2005 03:40:19 +0000 with message-id <[EMAIL PROTECTED]> and subject line [CAN-2005-3120] buffer overflow in nntp schema handling has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am talking about this indicates a serious mail system misconfiguration somewhere. Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--------------------------------------
Received: (at submit) by bugs.debian.org; 17 Oct 2005 19:52:53 +0000
From: Florian Weimer <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Subject: [CAN-2005-3120] buffer overflow in nntp schema handling
Date: Mon, 17 Oct 2005 21:51:45 +0200
Message-ID: <[EMAIL PROTECTED]>

Package: lynx, lynx-cur
Severity: grave
Tags: security

Various vendors have reported a remotely exploitable buffer overflow vulnerability in Lynx.

From: Martin Pitt <[EMAIL PROTECTED]>
Subject: [USN-206-1] Lynx vulnerability
To: [EMAIL PROTECTED]
Cc: full-disclosure@lists.grok.org.uk, bugtraq@securityfocus.com
Date: Mon, 17 Oct 2005 11:40:48 +0200
Message-ID: <[EMAIL PROTECTED]>

===========================================================
Ubuntu Security Notice USN-206-1           October 17, 2005
lynx vulnerability
CAN-2005-3120
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 4.10 (Warty Warthog)
Ubuntu 5.04 (Hoary Hedgehog)
Ubuntu 5.10 (Breezy Badger)

The following packages are affected:

lynx

The problem can be corrected by upgrading the affected package to version 2.8.5-1ubuntu1.1 (for Ubuntu 4.10), 2.8.5-2ubuntu0.5.04 (for Ubuntu 5.04), or 2.8.5-2ubuntu0.5.10 (for Ubuntu 5.10). In general, a standard system upgrade is sufficient to effect the necessary changes.

Details follow:

Ulf Harnhammar discovered a remote vulnerability in Lynx when connecting to a news server (NNTP). The function that added missing escape characters to article headers did not check the size of the target buffer. Specially crafted news entries could trigger a buffer overflow, which could be exploited to execute arbitrary code with the privileges of the user running lynx.

In order to exploit this, the user is not even required to actively visit a news site with Lynx since a malicious HTML page could automatically redirect to an nntp:// URL with malicious news items.

[...]
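
The class of bug the notice describes, a routine that expands its input by inserting escape bytes into a fixed-size target, shown here in bounds-checked form as an added example; it is not part of the original messages and is not Lynx code. The function name `add_missing_esc`, the ESC byte (0x1B) and the two-byte designators it looks for are assumptions made for illustration, since the notice names neither the function nor the sequences.

```c
#include <stddef.h>
#include <stdio.h>

#define ESC 0x1B

/* Assumed for illustration: two-byte designators that need a leading ESC. */
static int is_designator(const char *p)
{
    return (p[0] == '$' && (p[1] == '@' || p[1] == 'B')) ||
           (p[0] == '(' && (p[1] == 'B' || p[1] == 'J'));
}

/*
 * Copy src into dst, inserting ESC before any designator that lacks one.
 * Returns the output length (without the NUL), or -1 when dst, which holds
 * dstsize bytes, is too small; dst is then set to the empty string.
 */
long add_missing_esc(char *dst, size_t dstsize, const char *src)
{
    size_t out = 0;
    int prev_esc = 0;

    if (dst == NULL || src == NULL || dstsize == 0)
        return -1;
    for (size_t i = 0; src[i] != '\0'; i++) {
        int need_esc = !prev_esc && is_designator(&src[i]);
        size_t need = need_esc ? 2 : 1;   /* bytes written in this step */

        /* out never exceeds dstsize - 1, so this subtraction cannot wrap. */
        if (need > dstsize - 1 - out) {
            dst[0] = '\0';
            return -1;
        }
        if (need_esc)
            dst[out++] = ESC;
        dst[out++] = src[i];
        prev_esc = ((unsigned char)src[i] == ESC);
    }
    dst[out] = '\0';
    return (long)out;
}

int main(void)
{
    /* Constructed header: 16 bytes in, 18 bytes out (two ESC added). */
    const char *hdr = "Subject: $BABC(B";
    char same_size[17], big[32];

    printf("%ld\n", add_missing_esc(same_size, sizeof same_size, hdr));
    printf("%ld\n", add_missing_esc(big, sizeof big, hdr));
    return 0;
}
```

A target buffer sized for the input alone is rejected here because the output can grow by one byte per inserted escape; the check is made per write against the space actually left, not against the input length.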

---------------------------------------
Received: (at 335033-done) by bugs.debian.org; 20 Nov 2005 03:40:51 +0000
To: [EMAIL PROTECTED]
Subject: Re: [CAN-2005-3120] buffer overflow in nntp schema handling
From: James Troup <[EMAIL PROTECTED]>
Date: Sun, 20 Nov 2005 03:40:19 +0000
Message-ID: <[EMAIL PROTECTED]>

Package: lynx
Version: 2.8.5-2sarge1

This has been fixed in 2.8.5-2sarge1 by the Security Team and this version is now in unstable, testing and proposed-updates as well.

--
James