[packman] ldvd buffer overflow
Manfred Tremmel
manfred at links2linux.de
Tue Oct 11 20:33:21 CEST 2005
Am Dienstag, 4. Oktober 2005 16:50 schrieb Peter Czanik:
> The ldvd package has a buffer overflow as well. It's in the ldvd-ls
> command, when run with the '-x' option (which is used by ldvd to list
> the disc).
Sometimes it takes a little bit longer, but now I've found the problem.
There where more bugs inside, in the options -a, -s and -c (-x is a
summary, so it also happens here). Two varables are to short, the
nullbyte sprintf adds was not taken care of.
I've added a patch in the new rpm (and sent to the author) which solves
the problem. Please try again with 2.0.1-0.pm.1.
@Detlef: Bitte auch die x86_64 Version updaten, ich kann zwar nicht
sagen, ob das sicherheitstechnisch ein Problem sein kann, ein Bug ist
es aber allemal, der gefixed werden sollte.
--
Machs gut | http://www.iivs.de/schwinde/buerger/tremmel/
Manfred | http://packman.links2linux.de/
More information about the Packman
mailing list