severity 687597 important thanks On Sat, Jan 05, 2013 at 09:01:45PM +0100, John Paul Adrian Glaubitz wrote: >Hi, > >there has also been an upstream bug report filed [1]. > >Might be reasonable to check back there from time to time. No patch >yet, unfortunately.
I had a look at this yesterday. The buffer-handling in libslp *looks* suspect to me (in terms of tracking lengths of text fields etc.), but I can't see an easy way to reproduce the bug here to verify my suspicions. I've followed up on the upstream bug to ask about this. In the meantime, even if the code looks dodgy I *don't* see it as being particularly likely to be exploitable, more a DoS at worst, and only on a local-network basis rather than truly remote. I'm dropping severity from grave accordingly - feel free to re-raise if you think I'm wrong. -- Steve McIntyre, Cambridge, UK. st...@einval.com "C++ ate my sanity" -- Jon Rabone -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
