Gentoo Bug 44859 - UUDeview MIME Buffer Overflow

Bug List: (This bug is not in your last search results) Show last search results Search page Enter new bug

Bug#:	44859
Alias:
Product:
Component:
Status:	RESOLVED
Resolution:	FIXED
Assigned To:	Gentoo Security <security@gentoo.org>

Hardware:
OS:
Version:
Priority:
Severity:

Reporter:	Jeff Patterson <helixj@yahoo.ca>
Add CC:
CC:	Remove selected CCs

URL:
Summary:
Status Whiteboard:
Keywords:

Flags:		Requestee:
plasmaroo:	Pending
	Approved
plasmaroo:	Assigned_To	()

Filename	Description	Type	Creator	Created	Size	Actions
uudeview-0.5.20.ebuild	uudeview-0.5.20.ebuild	text/plain	Joshua J. Berry (CondorDes) (RETIRED)	2004-03-23 15:12 0000	948 bytes	Details
Create a New Attachment (proposed patch, testcase, etc.)						View All

Bug 44859 depends on:			Show dependency tree
Bug 44859 blocks:			Show dependency tree

Additional Comments: (this is where you put emerge --info)

Add to CC list

Not eligible to see or edit group visibility for this bug.

Leave as RESOLVED FIXED
Reopen bug
Mark bug as VERIFIED
Mark bug as CLOSED

View Bug Activity | Format For Printing | XML | Clone This Bug

Description:

Opened: 2004-03-16 09:16 0000

Versions of uudeview below 0.5.20 are vulnerable to buffer overflows.

Reproducible: Didn't try
Steps to Reproduce:
1.
2.
3.




No ebuild currently exists for uudeview-0.5.20.   Upgrading to 0.5.20 solves
this problem.

------- Comment #1 From Joshua J. Berry (CondorDes) (RETIRED) 2004-03-23 15:12:14 0000 -------

Created an attachment (id=27891) [details]
uudeview-0.5.20.ebuild

Version bump for uudeview.  I removed the patch that was in uudeview 0.5.18
because it doesn't seem to be applicable anymore.

------- Comment #2 From Joshua J. Berry (CondorDes) (RETIRED) 2004-03-24 20:44:11 0000 -------

Can someone please test the new ebuild and let me know if anything needs
fixing?  (And if it's OK, could a dev please commit it?)

Thanks in advance.

------- Comment #3 From Seemant Kulleen (RETIRED) 2004-03-26 11:53:17 0000 -------

so, WHO wants this from the CC list?

------- Comment #4 From Seemant Kulleen (RETIRED) 2004-03-26 11:59:20 0000 -------

committed to portage directly as "x86 ~sparc" and removed the older versions

------- Comment #5 From Jason Wever (RETIRED) 2004-03-26 14:42:57 0000 -------

Stable on sparc.

------- Comment #6 From Tim Yamin (RETIRED) 2004-03-28 06:53:04 0000 -------

Closing bug; GLSA Released:
http://article.gmane.org/gmane.linux.gentoo.announce/295

Bug List: (This bug is not in your last search results) Show last search results Search page Enter new bug

Bugzilla Bug 44859

UUDeview MIME Buffer Overflow

Last modified: 2004-03-28 06:53:04 0000