ArchLinux: 201410-11: ctags: Denial of service
Summary
Stefano Zacchiroli discovered a vulnerability in ctags, a tool to build tag file indexes of source code definitions: Certain JavaScript files cause ctags to enter an infinite loop until it runs out of disk space, resulting in denial of service.
Resolution
Upgrade to 5.8-5.
# pacman -Syu "ctags>=5.8-5"
The problem has been fixed upstream [0] but no release version is
available yet.
References
[0] https://sourceforge.net/p/ctags/code/791/ https://access.redhat.com/security/cve/CVE-2014-7204 https://bugs.archlinux.org/task/42246 https://www.openwall.com/lists/oss-security/2014/09/29/40
Workaround
None.