Your message dated Tue, 05 Nov 2002 17:58:45 +0900
with message-id <[EMAIL PROTECTED]>
and subject line libc6: potentially security-relevant flaw in calloc
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--------------------------------------
Received: (at submit) by bugs.debian.org; 5 Aug 2002 15:01:32 +0000
>From [EMAIL PROTECTED] Mon Aug 05 10:01:32 2002
Return-path: <[EMAIL PROTECTED]>
Received: from mail.cert.uni-stuttgart.de [129.69.16.17]
by master.debian.org with esmtp (Exim 3.12 1 (Debian))
id 17bjMS-0006v6-00; Mon, 05 Aug 2002 10:01:32 -0500
Received: from rusfw by Mail.CERT.Uni-Stuttgart.DE with local (Exim 4.04)
id 17bjMR-0004sU-00; Mon, 05 Aug 2002 17:01:31 +0200
Subject: libc6: potentially security-relevant flaw in calloc
From: "Florian Weimer" <[EMAIL PROTECTED]>
To: "Debian Bug Tracking System" <[EMAIL PROTECTED]>
X-Mailer: reportbug 1.99.47
Date: Mon, 05 Aug 2002 17:01:31 +0200
Message-Id: <[EMAIL PROTECTED]>
Delivered-To: [EMAIL PROTECTED]
Package: libc6
Version: 2.2.5-12
Severity: important
calloc() contains an integer overflow which means that in some cases,
the allocated buffer is too small. See the following page for details:
http://cert.uni-stuttgart.de/advisories/calloc.php
Currently, no specific threats are known, that's why this bug is not
critical, but the patch from the GNU libc CVS should be applied
nevertheless, IMHO.
-- System Information:
Debian Release: 3.0
Architecture: i386
Kernel: Linux CERT 2.4.18-xfs-1.1 #1 SMP Tue Jul 30 09:26:30 CEST 2002 i686
Locale: LANG=C, LC_CTYPE=en_US
-- no debconf information
---------------------------------------
Received: (at 155529-done) by bugs.debian.org; 5 Nov 2002 08:58:48 +0000
>From [EMAIL PROTECTED] Tue Nov 05 02:58:48 2002
Return-path: <[EMAIL PROTECTED]>
Received: from oris.opensource.jp (oris.opensource.gr.jp) [218.44.239.73]
([JuOjha4BMLEu99ULTW/fcOq2hQYkTV+l])
by master.debian.org with esmtp (Exim 3.12 1 (Debian))
id 188zXr-0003to-00; Tue, 05 Nov 2002 02:58:48 -0600
Received: from oris.opensource.jp (oris.opensource.jp [218.44.239.73])
by oris.opensource.gr.jp (Postfix) with ESMTP id 0B5E1C33C1
for <[EMAIL PROTECTED]>; Tue, 5 Nov 2002 17:58:46 +0900 (JST)
Date: Tue, 05 Nov 2002 17:58:45 +0900
Message-ID: <[EMAIL PROTECTED]>
From: GOTO Masanori <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Subject: libc6: potentially security-relevant flaw in calloc
User-Agent: Wanderlust/2.9.9 (Unchained Melody) SEMI/1.14.3 (Ushinoya)
FLIM/1.14.3 (=?ISO-8859-4?Q?Unebigory=F2mae?=) APEL/10.3 Emacs/21.2
(i386-debian-linux-gnu) MULE/5.0 (SAKAKI)
MIME-Version: 1.0 (generated by SEMI 1.14.3 - "Ushinoya")
Content-Type: text/plain; charset=US-ASCII
Delivered-To: [EMAIL PROTECTED]
X-Spam-Status: No, hits=-0.5 required=5.0
tests=SPAM_PHRASE_00_01,USER_AGENT
version=2.41
X-Spam-Level:
This bug is fixed in current woody/sid.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
