Go to:
Gentoo Home
Documentation
Forums
Lists
Bugs
Planet
Store
Wiki
Get Gentoo!
Gentoo's Bugzilla – Attachment 323580 Details for
Bug 434802
<net-dialup/freeradius-2.2.0: buffer overflow vulnerability (CVE-2012-3547)
Home
|
New
–
[Ex]
|
Browse
|
Search
|
Privacy Policy
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
Patch to CVE-2012-3547
freeradius-2.1.10-cve2012-3547.patch (text/plain), 591 bytes, created by
Stefan Sakalik
on 2012-09-12 07:45:25 UTC
(
hide
)
Description:
Patch to CVE-2012-3547
Filename:
MIME Type:
Creator:
Stefan Sakalik
Created:
2012-09-12 07:45:25 UTC
Size:
591 bytes
patch
obsolete
>--- freeradius-server-2.1.11.orig/src/modules/rlm_eap/types/rlm_eap_tls/rlm_eap_tls.c 2011-06-20 16:57:14.000000000 +0200 >+++ freeradius-server-2.1.11/src/modules/rlm_eap/types/rlm_eap_tls/rlm_eap_tls.c 2012-09-11 13:55:45.000000000 +0200 >@@ -484,7 +484,7 @@ > */ > buf[0] = '\0'; > asn_time = X509_get_notAfter(client_cert); >- if ((lookup <= 1) && asn_time && (asn_time->length < MAX_STRING_LEN)) { >+ if ((lookup <= 1) && asn_time && (asn_time->length < sizeof(buf))) { > memcpy(buf, (char*) asn_time->data, asn_time->length); > buf[asn_time->length] = '\0'; > pairadd(&handler->certs,
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 434802
: 323580