registry team mailing list archive
-
registry team
-
Mailing list archive
-
Message #07306
[Bug 377054] Re: eggdrop/windrop remote crash vulnerability
This bug was fixed in the package eggdrop - 1.6.18-1.1ubuntu1.1
---------------
eggdrop (1.6.18-1.1ubuntu1.1) hardy-security; urgency=low
* SECURITY UPDATE: Fix buffer overflows (LP: #377054)
- debian/patches/CVE-2007-2807.patch: Former patch was not fully applied.
This patch now fully applies the previous fix for a stack based
buffer-iverflow and also fixes a potential buffer-overflow in case
strlen(ctcpbuf) returns 0.
- CVE-2007-2807
- CVE-2009-1789
-- Brian Thomason <brian.thomason@xxxxxxxxxxxxx> Wed, 30 Jun 2010 14:29:24 -0400
** Changed in: eggdrop (Ubuntu Hardy)
Status: Fix Committed => Fix Released
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2009-1789
--
eggdrop/windrop remote crash vulnerability
https://bugs.launchpad.net/bugs/377054
You received this bug notification because you are a member of Registry
Administrators, which is the registrant for Debian.