[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
New Release: 4.0.1 -- Fixes Potential Security Vulnerability
|
From: |
Chad Walstrom |
|
Subject: |
New Release: 4.0.1 -- Fixes Potential Security Vulnerability |
|
Date: |
Thu, 11 Nov 2004 16:57:49 -0600 |
|
User-agent: |
Mutt/1.5.6+20040722i |
The GNU GNATS Development Team has released a new version of GNATS, the
Problem Report Management System. This release, 4.0.1 is a patch
release to address a potential security vulnerability with string
formatting in gnats/misc.c that was described in:
http://lists.gnu.org/archive/html/bug-gnats/2004-06/msg00028.html
http://www.zone-h.org/advisories/read/id=4889
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0623
http://www.debian.org/security/2004/dsa-590
Additional string formatting fixes were applied to avoid buffer
overflows in constructing formatted date strings.
You may download GNATS 4.0.1 from ftp://ftp.gnu.org/pub/gnu/gnats/ or
http://savannah.gnu.org/download/gnats (temporarily).
--
Chad Walstrom <address@hidden> http://www.wookimus.net/
assert(expired(knowledge)); /* core dump */
signature.asc
Description: Digital signature
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- New Release: 4.0.1 -- Fixes Potential Security Vulnerability,
Chad Walstrom <=