diff options
author | salo <salo> | 2006-08-24 22:02:02 +0000 |
---|---|---|
committer | salo <salo> | 2006-08-24 22:02:02 +0000 |
commit | 2ff5e91533e17075470dd9de6cdf74cd24ef48d5 (patch) | |
tree | 0a467d9e658aa9b5f6de8beb294957e4406daba6 /misc | |
parent | 7acd7c964eb21224c67ff8f99fcd001ba1568229 (diff) | |
download | pkgsrc-2ff5e91533e17075470dd9de6cdf74cd24ef48d5.tar.gz |
Security fix for SA21601:
"Will Drewry has reported some vulnerabilities in Cscope, which
potentially can be exploited by malicious people to compromise
a vulnerable system.
1) Various boundary errors within the parsing of file lists or
the expansion of environment variables can be exploited to
cause stack-based buffer overflows when parsing specially
crafted "cscope.lists" files or directories.
2) A boundary error within the parsing of command line arguments
can be exploited to cause a stack-based buffer overflow when
supplying an overly long "reffile" argument.
Successful exploitation may allow execution of arbitrary code."
Patches adapted from cscope CVS. Bump PKGREVISION.
Diffstat (limited to 'misc')
0 files changed, 0 insertions, 0 deletions