Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 44859 - UUDeview MIME Buffer Overflow
Summary: UUDeview MIME Buffer Overflow
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: GLSA Errors (show other bugs)
Hardware: All Linux
: High major (vote)
Assignee: Gentoo Security
URL: http://www.securitytracker.com/alerts...
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2004-03-16 09:16 UTC by Jeff Patterson
Modified: 2004-03-28 06:53 UTC (History)
4 users (show)

See Also:
Package list:
Runtime testing required: ---
plasmaroo: Pending-
plasmaroo: Assigned_To? (plasmaroo)

Attachments
uudeview-0.5.20.ebuild (uudeview-0.5.20.ebuild,948 bytes, text/plain)
2004-03-23 15:12 UTC, Joshua J. Berry (CondorDes) (RETIRED) 		Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Jeff Patterson 2004-03-16 09:16:00 UTC 
Versions of uudeview below 0.5.20 are vulnerable to buffer overflows.

Reproducible: Didn't try
Steps to Reproduce:
1.
2.
3.




No ebuild currently exists for uudeview-0.5.20.   Upgrading to 0.5.20 solves
this problem.
Comment 1 Joshua J. Berry (CondorDes) (RETIRED) gentoo-dev 2004-03-23 15:12:14 UTC 
Created attachment 27891 [details]
uudeview-0.5.20.ebuild

Version bump for uudeview.  I removed the patch that was in uudeview 0.5.18
because it doesn't seem to be applicable anymore.
Comment 2 Joshua J. Berry (CondorDes) (RETIRED) gentoo-dev 2004-03-24 20:44:11 UTC 
Can someone please test the new ebuild and let me know if anything needs fixing?  (And if it's OK, could a dev please commit it?)

Thanks in advance.
Comment 3 Seemant Kulleen (RETIRED) gentoo-dev 2004-03-26 11:53:17 UTC 
so, WHO wants this from the CC list?
Comment 4 Seemant Kulleen (RETIRED) gentoo-dev 2004-03-26 11:59:20 UTC 
committed to portage directly as "x86 ~sparc" and removed the older versions
Comment 5 Jason Wever (RETIRED) gentoo-dev 2004-03-26 14:42:57 UTC 
Stable on sparc.
Comment 6 Tim Yamin (RETIRED) gentoo-dev 2004-03-28 06:53:04 UTC 
Closing bug; GLSA Released: http://article.gmane.org/gmane.linux.gentoo.announce/295