CVE-2021-45927 (https://github.com/mdbtools/mdbtools/commit/373b7ff4c4daf887269c078407cb1338942c4ea6): MDB Tools (aka mdbtools) 0.9.2 has a stack-based buffer overflow (at 0x7ffd6e029ee0) in mdb_numeric_to_string (called from mdb_xfer_bound_data and _mdb_attempt_bind). CVE-2021-45926 (https://github.com/mdbtools/mdbtools/commit/373b7ff4c4daf887269c078407cb1338942c4ea6): MDB Tools (aka mdbtools) 0.9.2 has a stack-based buffer overflow (at 0x7ffd0c689be0) in mdb_numeric_to_string (called from mdb_xfer_bound_data and _mdb_attempt_bind).
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=26b84082902202ace4963dced4b1c2436d896a39 commit 26b84082902202ace4963dced4b1c2436d896a39 Author: John Helmert III <ajak@gentoo.org> AuthorDate: 2022-01-01 09:32:30 +0000 Commit: John Helmert III <ajak@gentoo.org> CommitDate: 2022-01-01 09:41:42 +0000 app-office/mdbtools: drop 0.9.2 Bug: https://bugs.gentoo.org/830371 Signed-off-by: John Helmert III <ajak@gentoo.org> app-office/mdbtools/Manifest | 1 - .../mdbtools-0.9.2-unixODBC-respect-libdir.patch | 46 ---------------- app-office/mdbtools/mdbtools-0.9.2.ebuild | 61 ---------------------- 3 files changed, 108 deletions(-)
Request filed.
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/data/glsa.git/commit/?id=ac5d7a025f5b21082f32f355c3f003500c9f4432 commit ac5d7a025f5b21082f32f355c3f003500c9f4432 Author: GLSAMaker <glsamaker@gentoo.org> AuthorDate: 2022-08-10 04:08:26 +0000 Commit: John Helmert III <ajak@gentoo.org> CommitDate: 2022-08-10 04:17:33 +0000 [ GLSA 202208-12 ] mdbtools: Multiple Vulnerabilities Bug: https://bugs.gentoo.org/773289 Bug: https://bugs.gentoo.org/830371 Signed-off-by: GLSAMaker <glsamaker@gentoo.org> Signed-off-by: John Helmert III <ajak@gentoo.org> glsa-202208-12.xml | 44 ++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 44 insertions(+)
GLSA released, all done!