Debian: DSA-045-3 Important: Slrn Memory Corruption Vulnerability
debian
March 8, 2001
slrn might overflow a buffer which could result into executingarbitraty code encoded in the message.
Topics Covered
Summary
Package : slrn
Problem type : buffer overflow
Debian-specific: no
Bill Nottingham reported a problem in the wrapping/unwrapping
functions of the slrn newsreader. A long header in a message
might overflow a buffer and which could result into executing
arbitraty code encoded in the message.
The default configuration does not have wrapping enable, but it
can easily be enabled either by changing the configuration or
pressing W while viewing a message.
This has been fixed in version 0.9.6.2-9potato1 and we recommand
that you upgrade your slrn package immediately.
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
Debian GNU/Linux 2.2 alias potato
---------------------------------
Potato was released for alpha, arm, i386, m68k, powerpc and sparc.
Source archives:
MD5 checksum: 5dd13f483c2fa61d6fd6370f7813df82
MD5 checksum: 813ad9482041914b484428281fc28ad8
MD5 checksum: 7ce442af03aeafb88a636183955c270e
Alpha a...
PREVIOUS
NEXT
Severity
important
Lowest
Low
Medium
High
Critical
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!