This bug was fixed in the package eggdrop - 1.6.19-1.1ubuntu1.8.10.1 --------------- eggdrop (1.6.19-1.1ubuntu1.8.10.1) intrepid-security; urgency=low
* SECURITY UPDATE: Incomplete patch for CVE-2007-2807, buffer can still overflow in case of strlen(ctcpbuf) returning zero (LP: #377054) - debian/patches/02_incompCVE-2007-2807.patch: Use memmove instead of strncpy to avoid buffer overflow. Patch from Debian. - CVE-2007-2807 -- Savvas Radevic <vice...@gmail.com> Fri, 15 May 2009 20:58:58 +0100 ** Changed in: eggdrop (Ubuntu Intrepid) Status: Fix Committed => Fix Released ** Changed in: eggdrop (Ubuntu Jaunty) Status: Fix Committed => Fix Released -- eggdrop/windrop remote crash vulnerability https://bugs.launchpad.net/bugs/377054 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs