Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 51461 - net-misc/cadaver-0.22.1 -- buffer overflow
Summary: net-misc/cadaver-0.22.1 -- buffer overflow
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: GLSA Errors (show other bugs)
Hardware: All All
: High normal (vote)
Assignee: Gentoo Security
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2004-05-19 08:52 UTC by Sune Kloppenborg Jeppesen
Modified: 2004-05-20 14:02 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Sune Kloppenborg Jeppesen gentoo-dev 2004-05-19 08:52:13 UTC
From http://www.debian.org/security/2004/dsa-507
Stefan Esser discovered a problem in neon, an HTTP and WebDAV client library, which is also present in cadaver, a command-line client for WebDAV server. User input is copied into variables not large enough for all cases. This can lead to an overflow of a static heap variable.
Comment 1 Sune Kloppenborg Jeppesen gentoo-dev 2004-05-19 08:54:06 UTC
New version 0.22.2 available. Compiles cleanly with a version bump.
Comment 2 Thierry Carrez (RETIRED) gentoo-dev 2004-05-19 14:10:27 UTC
plasmaroo : no maintainer, and you did the last security bump. Do you think you can bump this one too ?
Comment 3 Tim Yamin (RETIRED) gentoo-dev 2004-05-19 14:46:04 UTC
Now in Portage. I've kept the "x86 ~sparc ~ppc" KEYWORDS since that's how they were for the previous version; since the ~-KEYWORDS were added after the previous fixed version was issued.
Comment 4 Thierry Carrez (RETIRED) gentoo-dev 2004-05-20 14:02:06 UTC
GLSA 200405-15