Untested patch from Thomas Biege. summary: - strncpy() off-by-one - return value check for setuid() - zero'ize rbuf - off-by-one in while (cp < &rbuf[BUFSIZ] && ch != '\n'); - verify/limit values of: size, blksize, need
Created attachment 101375 [details, diff] OpenPBS_2_3_16-security.diff
is this http://secunia.com/advisories/22637/ :: CVE-2006-5616 :: http://lists.suse.com/archive/suse-security-announce/2006-Oct/0007.html ?
Seems to be the same, though I didn't check wether the patches match.
*** This bug has been marked as a duplicate of 153495 ***