[packman] ldvd buffer overflow

Manfred Tremmel manfred at links2linux.de
Tue Oct 11 20:33:21 CEST 2005

Am Dienstag, 4. Oktober 2005 16:50 schrieb Peter Czanik:

> The ldvd package has a buffer overflow as well. It's in the ldvd-ls
> command, when run with the '-x' option (which is used by ldvd to list
> the disc).

Sometimes it takes a little bit longer, but now I've found the problem. 
There where more bugs inside, in the options -a, -s and -c (-x is a 
summary, so it also happens here). Two varables are to short, the 
nullbyte sprintf adds was not taken care of.
I've added a patch in the new rpm (and sent to the author) which solves 
the problem. Please try again with 2.0.1-0.pm.1.

@Detlef: Bitte auch die x86_64 Version updaten, ich kann zwar nicht 
sagen, ob das sicherheitstechnisch ein Problem sein kann, ein Bug ist 
es aber allemal, der gefixed werden sollte.

Machs gut    | http://www.iivs.de/schwinde/buerger/tremmel/

Manfred      | http://packman.links2linux.de/

More information about the Packman mailing list