[Bug 377054] Re: eggdrop/windrop remote crash vulnerability

Launchpad Bug Tracker Wed, 20 May 2009 10:10:32 -0700

This bug was fixed in the package eggdrop - 1.6.19-1.1ubuntu1.8.10.1

---------------
eggdrop (1.6.19-1.1ubuntu1.8.10.1) intrepid-security; urgency=low


  * SECURITY UPDATE: Incomplete patch for CVE-2007-2807, buffer can still
    overflow in case of strlen(ctcpbuf) returning zero (LP: #377054)
    - debian/patches/02_incompCVE-2007-2807.patch: Use memmove instead of
      strncpy to avoid buffer overflow. Patch from Debian.
    - CVE-2007-2807

 -- Savvas Radevic <vice...@gmail.com>   Fri, 15 May 2009 20:58:58 +0100

** Changed in: eggdrop (Ubuntu Intrepid)
       Status: Fix Committed => Fix Released

** Changed in: eggdrop (Ubuntu Jaunty)
       Status: Fix Committed => Fix Released

-- 
eggdrop/windrop remote crash vulnerability
https://bugs.launchpad.net/bugs/377054
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 377054] Re: eggdrop/windrop remote crash vulnerability

Reply via email to