-
Committer:
Bazaar Package Importer
-
Author(s):
Martin Pitt
-
Date:
2006-06-26 11:37:55 UTC
-
Revision ID:
james.westby@ubuntu.com-20060626113755-zce8pntd0k384b9k
Tags: 2.2.26-5ubuntu2.1
* SECURITY UPDATE: Crash/arbitrary code execution with crafted host names.
* servers/slurpd/st.c, St_read():
- Do not sprintf arbitrarily long strings into fixed-size tbuf.
- Patch ported from upstream CVS commit:
http://www.openldap.org/devel/cvsweb.cgi/servers/slurpd/st.c.diff?
r1=1.21&r2=1.22&hideattic=1&sortbydate=0&f=u
- CVE-2006-2754