[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Pan-devel] Re: Buffer overflow in pan when parsing .nzb files
|
From: |
Duncan |
|
Subject: |
[Pan-devel] Re: Buffer overflow in pan when parsing .nzb files |
|
Date: |
Thu, 29 May 2008 07:37:39 +0000 (UTC) |
|
User-agent: |
Pan/0.132 (Waxed in Black) |
Duncan <address@hidden> posted
address@hidden, excerpted below, on Thu, 29 May 2008
07:30:12 +0000:
> Pavel Polischouk
> <address@hidden> posted
> address@hidden, excerpted
> below, on Wed, 28 May 2008 23:12:22 -0400:
>
>> I discovered a heap overflow in pan 0.132, part of the code reading
>> .nzb files (either from tasks.nzb or elsewhere).
>> The bug is tracked in RedHat bugzilla for Fedora 9:
>> https://bugzilla.redhat.com/show_bug.cgi?id=446902
> http://bugzilla.gnome.org/show_bug.cgi?id=535413
> http://bugs.gentoo.org/show_bug.cgi?id=224051
>
> To keep the info together, here's the URL for the CVE entry you filed as
> well, altho currently all it says is "reserved".
>
> http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2363
You may want to add at least the gnome bug URL to the RH bug, and I'd add
the Gentoo bug number too, but that's optional since it's listed on the
GNOME bug already.
--
Duncan - List replies preferred. No HTML msgs.
"Every nonfree program has a lord, a master --
and if you use the program, he is your master." Richard Stallman