Alerts This Week
Warning Icon 1 714
Alerts This Week
Warning Icon 1 714

Gentoo GLSA-200405-25 Normal: tla Heap Overflow In libneon

gentoo
Calendar Grey May 30, 2004
Dist Gentoo Esm H88
Buffer overflow vulnerability in TLA's neon module on Gentoo systems may allow remote code execution from compromised servers. Immediate update advised!
tla includes a vulnerable version of the neon library.

Summary

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Gentoo Linux Security Advisory                           GLSA 200405-25
                                            https://security.gentoo.org/

  Severity: Normal
     Title: tla: Heap-based buffer overflow in included libneon
      Date: May 30, 2004
      Bugs: #51586
        ID: 200405-25


Synopsis
=======
tla includes a vulnerable version of the neon library.

Background
=========
GNU Arch (tla) is a revision control system suited for widely
distributed development.

Affected packages
================
    -------------------------------------------------------------------
     Package       /    Vulnerable    /                     Unaffected
    -------------------------------------------------------------------
  1  dev-util/tla      < 1.2.1_pre1                      >= 1.2.1_pre1

==========
Stefan Esser discovered a vulnerability in the code of the neon library
(GLSA 200405-13): if a malicious date string is passed to the
ne_rf...
Read the Full Advisory
Topics%20covered

Topics Covered

security advisory gentoo code execution heap overflow normal severity libneon tla update

Resolution

References

Availability

style>.gentoo_availability{display:block;}

Concerns

Topics%20covered

Topics Covered

security advisory gentoo code execution heap overflow normal severity libneon tla update

Synopsis

Background

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Affected Packages

Impact

Workaround

Your message here