Summary: | net-im/silc-toolkit <1.1.6 silc_fingerprint() Buffer Overflow (CVE-2008-1227) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Robert Buchholz (RETIRED) <rbu> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | net-irc |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://silcnet.org/docs/changelog/SILC%20Toolkit%201.1.6 | ||
Whiteboard: | B2 [glsa] | ||
Package list: | Runtime testing required: | --- |
Description
Robert Buchholz (RETIRED)
2008-03-05 09:58:32 UTC
I'm not sure how an attacker can generate input to that function, maybe you guys from net-irc can help here. Also, is 1.1.6 good to go stable? net-irc, please advise. Its safe to go to stable, but i have no idea about that thing :) Arches, please test and mark stable: =net-im/silc-toolkit-1.1.6 Target keywords : "alpha amd64 arm hppa ia64 mips ppc ppc64 release sparc x86" ppc64 stable alpha/ia64/sparc/x86 stable Stable for HPPA. amd64 stable ppc stable Fixed in release snapshot. request filed no mips stable. GLSA 200804-27. |