Bug#481186: CVE-2008-2149: buffer overflows - reopen

2008-09-06 Thread Andreas Tille
On Sat, 6 Sep 2008, Nico Golde wrote: This patch is included in wordnet 1:3.0-12. Well, not really. There was a problem with the original patch which was reported to [EMAIL PROTECTED] The problem was fixed and you can obtain patches from http://svn.debian.org/wsvn/debian-science/packages

Bug#481186: CVE-2008-2149: buffer overflows - reopen

2008-09-06 Thread Nico Golde
Hi Stefan, * Stefan Lesicnik <[EMAIL PROTECTED]> [2008-09-06 11:46]: > As the changelog indicates, there may still be various potential > security flaws within this product. > > http://www.ocert.org/advisories/ocert-2008-014.html > > shows the release of a more comprehensive patch. > > http://ww

Bug#481186: CVE-2008-2149: buffer overflows - reopen

2008-09-06 Thread Stefan Lesicnik
Hi, As the changelog indicates, there may still be various potential security flaws within this product. http://www.ocert.org/advisories/ocert-2008-014.html shows the release of a more comprehensive patch. http://www.ocert.org/analysis/2008-014/wordnet.patch Attached is the debian-debdiff to a

Bug#481186: [Secure-testing-team] Bug#481186: CVE-2008-2149: buffer overflows

2008-05-18 Thread Moritz Muehlenhoff
Andreas Tille wrote: > > I can't say anything about stable though. > > Well, I assume they are aware of the issue and could bother me if I > could / should do something, right? If there's indication that the currently known issues are just the tip of the iceberg, please ask for a review by debia

Bug#481186: CVE-2008-2149: buffer overflows

2008-05-16 Thread Andreas Tille
On Fri, 16 May 2008, Nico Golde wrote: I first thought the buffer you write into is also 200 bytes big then the 0 byte sprintf writes at the end would cause an off-by-one. I just saw that it's 256 bytes big so this should be no problem. Yes, I left some space. You have to add the fix format st

Bug#481186: CVE-2008-2149: buffer overflows

2008-05-16 Thread Nico Golde
Hi Andreas, * Andreas Tille <[EMAIL PROTECTED]> [2008-05-16 15:53]: > On Fri, 16 May 2008, Nico Golde wrote: > > >>- sprintf(tmpbuf, "wn: invalid search option: %s\n", av[j]); > >>+ /* Fix CVE-2008-2149: buffer overflows Andreas Tille <[EMAIL > >>PROTECTED]> */ > >>+

Bug#481186: CVE-2008-2149: buffer overflows

2008-05-16 Thread Sven Joachim
Am 16.05.2008 um 15:47 schrieb Andreas Tille: > On Fri, 16 May 2008, Nico Golde wrote: > >>> - sprintf(tmpbuf, "wn: invalid search option: %s\n", av[j]); >>> + /* Fix CVE-2008-2149: buffer overflows Andreas Tille <[EMAIL >>> PROTECTED]> */ >>> + sprintf(tmpbuf, "wn:

Bug#481186: CVE-2008-2149: buffer overflows

2008-05-16 Thread Andreas Tille
On Fri, 16 May 2008, Nico Golde wrote: - sprintf(tmpbuf, "wn: invalid search option: %s\n", av[j]); + /* Fix CVE-2008-2149: buffer overflows Andreas Tille <[EMAIL PROTECTED]> */ + sprintf(tmpbuf, "wn: invalid search option: %.200s\n", av[j]); Please u
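Review bot: the `%.200s` precision on the `+` line bounds the argument, but the margin against the destination stays implicit: the 27-byte prefix "wn: invalid search option: ", up to 200 bytes of av[j], the newline and the terminating NUL add up to 229 bytes, which fits only because tmpbuf is 256 bytes as discussed elsewhere in this thread. Prefer snprintf(tmpbuf, sizeof(tmpbuf), "wn: invalid search option: %s\n", av[j]) so the bound follows the buffer's declared size instead of a literal, or at least record the 256-byte assumption in the comment above the format string so a later change to tmpbuf does not silently reopen the overflow.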

Bug#481186: CVE-2008-2149: buffer overflows

2008-05-16 Thread Nico Golde
Heyho Andreas, * Andreas Tille <[EMAIL PROTECTED]> [2008-05-15 14:57]: > On Wed, 14 May 2008, Steffen Joeris wrote: > > >CVE-2008-2149: [...] > there are potentially more issues of other sprintf()/strcpy()/strcat()/... > occurrences. So I wonder if you accept the attached patch as a fix for > the

Bug#481186: CVE-2008-2149: buffer overflows

2008-05-16 Thread Andreas Tille
On Fri, 16 May 2008, Steffen Joeris wrote: Sorry for the late reply. No problem. For testing-security just make sure you upload with priority=high . pdebuild with priority=high in changelog is currently running. I would not want to think about DTSAs or migration stuff yet, because I susp

Bug#481186: CVE-2008-2149: buffer overflows

2008-05-16 Thread Steffen Joeris
Hi Andreas Sorry for the late reply. > I've got no answer to this question for nearly 24 hours. Because I > consider it more important to fix a known issue _now_ instead of doing a > long research for other issues for perhaps weeks I will upload packages > with the proposed fix in the next hour.

Bug#481186: [Secure-testing-team] Bug#481186: CVE-2008-2149: buffer overflows

2008-05-16 Thread Thijs Kinkhorst
On Fri, May 16, 2008 13:59, Andreas Tille wrote: > I've got no answer to this question for nearly 24 hours. Because I > consider it more important to fix a known issue _now_ instead of doing a > long research for other issues for perhaps weeks I will upload packages > with the proposed fix in the

Bug#481186: CVE-2008-2149: buffer overflows

2008-05-16 Thread Andreas Tille
On Thu, 15 May 2008, Andreas Tille wrote: As stated in the Gentoo BTS https://bugs.gentoo.org/show_bug.cgi?id=211491 there are potentially more issues of other sprintf()/strcpy()/strcat()/... occurrences. So I wonder if you accept the attached patch as a fix for the problem. It actually cur

Bug#481186: CVE-2008-2149: buffer overflows

2008-05-15 Thread Andreas Tille
On Wed, 14 May 2008, Steffen Joeris wrote: CVE-2008-2149: Stack-based buffer overflow in the searchwn function in Wordnet 2.0, 2.1, and 3.0 might allow context-dependent attackers to execute arbitrary code via a long command line option. NOTE: this issue probably does not cross privilege bounda

Bug#481186: CVE-2008-2149: buffer overflows

2008-05-14 Thread Steffen Joeris
Package: wordnet Severity: grave Tags: security Justification: user security hole Hi The following CVE(0) has been issued against wordnet. CVE-2008-2149: Stack-based buffer overflow in the searchwn function in Wordnet 2.0, 2.1, and 3.0 might allow context-dependent attackers to execute arbitrar