Alerts This Week
Warning Icon 1 1,154
Alerts This Week
Warning Icon 1 1,154

Ubuntu: DSA 607-1 Serious: Memory Leak Flaw Remote Risk

debian
Calendar Grey May 19, 2004
Debian Logo
Debian Security Advisory DSA 506-1 This email address is being protected from spambots. You need Jav
User input is copied into variables not large enough for all cases

Summary

Stefan Esser discovered a problem in neon, an HTTP and WebDAV client
library. User input is copied into variables not large enough for all
cases. This can lead to an overflow of a static heap variable.

For the stable distribution (woody) this problem has been fixed in
version 0.19.3-2woody5.

For the unstable distribution (sid) this problem has been fixed in
version 0.23.9.dfsg-2 and neon_0.24.6.dfsg-1.

We recommend that you upgrade your libneon* packages.


Upgrade Instructions
- --------------------

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 3.0 alias woody

Source archives:


Size/MD5 checksum: 582 3d56a54cb45ab...

Read the Full Advisory

Severity
important
Lowest
Low
Medium
High
Critical

Package: neon
CVE ID: CAN-2004-0398

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here