Summary: | net-misc/telnet-bsd buffer overflows | ||||||
---|---|---|---|---|---|---|---|
Product: | Gentoo Security | Reporter: | Sune Kloppenborg Jeppesen (RETIRED) <jaervosz> | ||||
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> | ||||
Status: | RESOLVED FIXED | ||||||
Severity: | normal | ||||||
Priority: | High | ||||||
Version: | unspecified | ||||||
Hardware: | All | ||||||
OS: | All | ||||||
Whiteboard: | B2 [glsa] jaervosz | ||||||
Package list: | Runtime testing required: | --- | |||||
Attachments: |
|
Description
Sune Kloppenborg Jeppesen (RETIRED)
2005-03-28 12:44:30 UTC
debian devs solved this one in http://security.debian.org/pool/updates/main/n/netkit-telnet/netkit-telnet_0.17-18woody3.diff.gz I guess netkit-telnet is also vulnerable... netkit-telnetd 0.17-r4 uses Debian patchset 26 so it's unaffected. I think I remember some people in #-dev saying vapier maintains this (much to their relief) Created attachment 54831 [details, diff]
telnet-bsd-1.0 security patch
Hi folks,
I talked to jaervoz on IRC and said that I would try/port freebsd's patch for
this package. FreeBSD's patch isn't suitable because freebsd's telnet.c has
some functions in different lines than linux one.
Hope it helps.
1.0-r1 now in portage Thx everyone. This one is ready for GLSA. GLSA 200504-01 |