~ubuntu-branches/debian/squeeze/nas/squeeze

Viewing all changes in revision 9.

  • Committer: Package Import Robot
  • Author(s): Steve McIntyre
  • Date: 2013-09-14 23:45:44 UTC
  • Revision ID: package-import@ubuntu.com-20130914234544-evt91cu5mugch3pe
Tags: 1.9.2-4squeeze1
* Fixes for various long-standing security issues found by Hamid
  Zamani <me@hamidx9.ir>. Closes: #720287
  + Validate the port offset of nasd to fix a potential buffer overflow
    (CVE-2013-4256)
  + Use better string functions to guard against heap overflows
    (CVE-2013-4257)
  + Sanity-check the TCP_DEVICE environment variable for safety.
* Fix string handling in aulog.c:osLogMsg() to fix missing format string
  in call to syslog() (CVE-2013-4258).
