Bug#201750: XLOCALEDIR buffer overflow

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#201750: XLOCALEDIR buffer overflow
From: Mike Furr <mfurr@debian.org>
Date: Thu, 17 Jul 2003 12:21:53 -0400
Message-id: <[🔎] E19dBVx-0008LK-00@orthrus>
Reply-to: Mike Furr <mfurr@debian.org>, 201750@bugs.debian.org

Package: xlibs
Version: 4.2.1-9
Severity: grave
Tags: security

The bug described in http://www.securityfocusonline.com/bid/7002 exists in
sid's (presumable sarge, but not woody) xfree libs.

ie: 
  XLOCALEDIR=`perl -e 'printf "x" x 8000'` xclock
yields segv.  Not a huge impact, but needs to be fixed nonetheless.

-- System Information:
Debian Release: testing/unstable
Architecture: i386
Kernel: Linux orthrus 2.4.17 #1 SMP Wed Dec 26 21:36:45 EST 2001 i686
Locale: LANG=C, LC_CTYPE=C

Versions of packages xlibs depends on:
ii  libc6                         2.3.1-17   GNU C Library: Shared libraries an
ii  libfreetype6                  2.1.4-4    FreeType 2 font engine, shared lib
ii  xfree86-common                4.2.1-9    X Window System (XFree86) infrastr

-- no debconf information

Reply to:

Follow-Ups:
- Bug#201750: XLOCALEDIR buffer overflow
  - From: Branden Robinson <branden@debian.org>

Prev by Date: X Strike Force SVN commit: rev 296 - /
Next by Date: Bug#130870: (no subject)
Previous by thread: X Strike Force SVN commit: rev 296 - /
Next by thread: Bug#201750: XLOCALEDIR buffer overflow
Index(es):
- Date
- Thread