Summary: | net-libs/libtirpc RPC library buffer overflow (CVE-2007-3999) | ||||||
---|---|---|---|---|---|---|---|
Product: | Gentoo Security | Reporter: | Robert Buchholz (RETIRED) <rbu> | ||||
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> | ||||
Status: | RESOLVED FIXED | ||||||
Severity: | trivial | CC: | net-fs | ||||
Priority: | High | ||||||
Version: | unspecified | ||||||
Hardware: | All | ||||||
OS: | Linux | ||||||
Whiteboard: | ~1 [ebuild] | ||||||
Package list: | Runtime testing required: | --- | |||||
Attachments: |
|
Description
Robert Buchholz (RETIRED)
2008-03-22 01:39:06 UTC
seems like the package copied the code from bug 191301 and bug 191479, see attached patch. Created attachment 146830 [details, diff]
libtirpc-0.1.7-CVE-2007-3999.patch
(In reply to comment #2) > Created an attachment (id=146830) [edit] > libtirpc-0.1.7-CVE-2007-3999.patch > any news here? 0.1.7-r1 now in the tree with the patch ... it was never stable -> close |