Julien Tinnes reported that bip does not check the number of open file descriptors against FD_SETSIZE, resulting in a buffer overflow that is supposed to be exploitable.
I'm assuming there's a release right around the corner.
No release yet, went for a revbump.
Arches, please test and mark stable:
Target keywords : "amd64 x86"
B1 should be good.
Filed new glsa request. Thanks everyone.
Buffer overflow in Bip 0.8.8 and earlier might allow remote authenticated
users to execute arbitrary code via vectors involving a series of TCP
connections that triggers use of many open file descriptors.
This issue was resolved and addressed in
GLSA 201201-18 at http://security.gentoo.org/glsa/glsa-201201-18.xml
by GLSA coordinator Alex Legler (a3li).
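The missing check described in the report, as an added example (not part of this bug thread and not bip's code): an `fd_set` only has room for descriptors 0 to FD_SETSIZE-1, so a descriptor number must be range-checked before `FD_SET` touches the set. The helper names `fd_fits_in_set` and `watch_fd` are hypothetical, and the descriptor numbers in `main` are constructed rather than real sockets.

```c
#include <stdio.h>
#include <sys/select.h>

/* An fd_set is a fixed-size bitmap with FD_SETSIZE bits. FD_SET(fd, set)
 * with fd >= FD_SETSIZE (or fd < 0) writes outside that bitmap. */
static int fd_fits_in_set(int fd)
{
    return fd >= 0 && fd < FD_SETSIZE;
}

/* Hypothetical helper: add fd to the watched set and track the highest
 * descriptor for select()'s nfds argument. Returns 0 on success, -1 if the
 * descriptor cannot be represented; the caller should then close the
 * connection instead of tracking it. */
int watch_fd(fd_set *set, int *maxfd, int fd)
{
    if (!fd_fits_in_set(fd))
        return -1;              /* refuse: FD_SET would go out of bounds */
    FD_SET(fd, set);
    if (fd > *maxfd)
        *maxfd = fd;
    return 0;
}

int main(void)
{
    /* Constructed descriptor numbers standing in for values returned by
     * accept() as more and more connections are opened. */
    int sample[] = { 3, 4, FD_SETSIZE - 1, FD_SETSIZE, FD_SETSIZE + 40 };
    fd_set readfds;
    int maxfd = -1;
    size_t i;

    FD_ZERO(&readfds);
    for (i = 0; i < sizeof sample / sizeof sample[0]; i++) {
        if (watch_fd(&readfds, &maxfd, sample[i]) == 0)
            printf("fd %d: watched\n", sample[i]);
        else
            printf("fd %d: rejected (FD_SETSIZE is %d)\n",
                   sample[i], FD_SETSIZE);
    }
    printf("nfds for select(): %d\n", maxfd + 1);
    return 0;
}
```

A process whose RLIMIT_NOFILE soft limit is at or below FD_SETSIZE never receives a descriptor large enough to fail this check, so the limit works as a second layer; `poll()` avoids the fixed-size bitmap entirely.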