Fix two security issues: - pkgsrc

diff options

author	recht <recht>	2003-11-05 00:05:06 +0000
committer	recht <recht>	2003-11-05 00:05:06 +0000
commit	2e708d023397aeb250c184dd3375d568c7141619 (patch)
tree	eaaa5f164a6a5266127c3c08f0c2f98c86e0c711 /sysutils/rox-system
parent	5111e1aeb9369433a62c05a1b3a20497c9992fe7 (diff)
download	pkgsrc-2e708d023397aeb250c184dd3375d568c7141619.tar.gz

Fix two security issues:

1.) An integer overflow in ls in the fileutils or coreutils packages may allow local users to cause a denial of service or execute arbitrary code via a large -w value, which could be remotely exploited via applications that use ls, such as wu-ftpd. 2.) ls in the fileutils or coreutils packages allows local users to consume a large amount of memory via a large -w value, which can be remotely exploited via applications that use ls, such as wu-ftpd. See http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0853 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0854 and the original report http://www.guninski.com/binls.html for details. Patches taken from Red Hat's Security Advisory RHSA-2003:309-01. reported by reed@ bump PKGREVISION

Diffstat (limited to 'sysutils/rox-system')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: