It was reported [1] that a possible buffer overrun flaw exists in unixODBC's SQLDriverConnect() function. A large value for the SAVEFILE parameter in the connection string could trigger this, resulting in a crash. SecurityFocus claims this may also lead to the execution of arbitrary code as the user running the application using unixODBC [2]. This has been corrected upstream [3].

References:
[1] http://seclists.org/oss-sec/2011/q1/446
[2] http://www.securityfocus.com/bid/46805/discuss
[3] http://unixodbc.svn.sourceforge.net/viewvc/unixodbc/trunk/DriverManager/SQLDriverConnect.c?r1=23&r2=27
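The flaw class described in the report above (an attacker-controlled connection-string attribute copied into a fixed-size buffer) can be illustrated with a small constructed example. This is added here for explanation only; it is not unixODBC's SQLDriverConnect() code, and the buffer size, attribute parser and function names are assumptions made for the illustration. The unchecked copy shows the pattern that leads to an overrun; the checked variant rejects oversized values instead of writing past the buffer.

```c
#include <stdio.h>
#include <string.h>

/* Constructed size for the illustration; not a value from unixODBC. */
#define SAVEFILE_MAX 64

/* Locate "key=value" in a ';'-separated connection string (constructed
 * parser, case-sensitive for simplicity). On success returns a pointer to
 * the start of the value and stores its length in *len; otherwise NULL. */
static const char *find_attr(const char *conn, const char *key, size_t *len)
{
    size_t klen = strlen(key);
    const char *p = conn;

    while (p && *p) {
        const char *end = strchr(p, ';');
        size_t seglen = end ? (size_t)(end - p) : strlen(p);

        if (seglen > klen && strncmp(p, key, klen) == 0 && p[klen] == '=') {
            *len = seglen - klen - 1;
            return p + klen + 1;
        }
        p = end ? end + 1 : NULL;
    }
    return NULL;
}

/* Unchecked pattern: the attribute length is never compared with the
 * destination size, so a long SAVEFILE value writes past 'out'. Shown for
 * contrast only; nothing below calls it. */
void extract_savefile_unchecked(const char *conn, char out[SAVEFILE_MAX])
{
    size_t len;
    const char *val = find_attr(conn, "SAVEFILE", &len);

    if (!val) {
        out[0] = '\0';
        return;
    }
    memcpy(out, val, len);   /* no bound against SAVEFILE_MAX */
    out[len] = '\0';
}

/* Checked variant: returns 1 when the value was copied, 0 when the
 * attribute is absent, and -1 when the value would not fit. */
int extract_savefile(const char *conn, char out[SAVEFILE_MAX])
{
    size_t len;
    const char *val = find_attr(conn, "SAVEFILE", &len);

    if (!val) {
        out[0] = '\0';
        return 0;
    }
    if (len >= SAVEFILE_MAX)  /* leave room for the terminator */
        return -1;
    memcpy(out, val, len);
    out[len] = '\0';
    return 1;
}

/* Constructed inputs so the behaviour can be checked without a driver. */
int demo_accepts_normal(void)
{
    char buf[SAVEFILE_MAX];
    int rc = extract_savefile("DSN=test;SAVEFILE=/tmp/a.dsn;UID=u", buf);
    return rc == 1 && strcmp(buf, "/tmp/a.dsn") == 0;
}

int demo_absent(void)
{
    char buf[SAVEFILE_MAX];
    return extract_savefile("DSN=test;UID=u", buf);
}

int demo_rejects_oversized(void)
{
    char big[256] = "SAVEFILE=";
    char buf[SAVEFILE_MAX];
    size_t i;

    /* 200-byte value, well beyond SAVEFILE_MAX */
    for (i = 0; i < 200; i++)
        strcat(big, "A");
    return extract_savefile(big, buf);
}

int main(void)
{
    printf("normal: %d, absent: %d, oversized: %d\n",
           demo_accepts_normal(), demo_absent(), demo_rejects_oversized());
    return 0;
}
```

The checked function is the shape of fix a reviewer would look for at the upstream commit referenced above: the length of the incoming attribute is compared with the destination size before any copy, and an oversized value is reported as an error rather than truncated silently or written past the buffer.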
We have no maintainer for this package at this time.
Created attachment 268231: fix patch
Created attachment 268233: ebuild
I stepped up to maintain this, since it was maintainer-needed.
I just committed the new ebuild and patch. @Alexandr: Thanks.
Arches, please test and mark stable: =dev-db/unixODBC-2.3.0-r1 Target KEYWORDS="alpha amd64 arm hppa ia64 ppc ppc64 s390 sh sparc x86"
Stable for HPPA.
amd64 ok
x86 stable. Thanks
arm stable
Stable on alpha.
amd64 stable
ia64/ppc/ppc64 stable
s390/sh/sparc stable
Thanks, everyone. GLSA request filed.
This issue was resolved and addressed in GLSA 201412-09 at http://security.gentoo.org/glsa/glsa-201412-09.xml by GLSA coordinator Sean Amoss (ackle).