Subject: Debian not vulnerable to klogd bug

To: Debian Security Announcements <debian-security-announce@lists.debian.org>
Subject: Subject: Debian not vulnerable to klogd bug
From: Martin Schulze <joey@finlandia.Infodrom.North.DE>
Date: Tue, 17 Nov 1998 23:12:15 +0100
Message-id: <19981117231215.I1164@finlandia.infodrom.north.de>
Reply-to: security@debian.org

We have received a report from Michal Zalewski that the klogd program
as provided by the sysklogd was vulnerable to a buffer overrun.

Debian is not affected since it uses a current version of this
package.  The bug was detected and fixed two years ago bei Leeland
Olds.  Details may be grabbed from the klogd.c source file.

--
Debian GNU/Linux    .    Security Managers    .    security@debian.org
              debian-security-announce@lists.debian.org
  Christian Hudon     .      Wichert Akkerman     .     Martin Schulze
<chrish@debian.org>   .   <wakkerma@debian.org>   .   <joey@debian.org>

Attachment: pgpthxFsP5yml.pgp
Description: PGP signature

Reply to:

Prev by Date: [SECURITY] New versions of junkbuster fixes buffer overflows
Next by Date: [SECURITY] Debian not affected by samba problems
Previous by thread: [SECURITY] New versions of junkbuster fixes buffer overflows
Next by thread: [SECURITY] Debian not affected by samba problems
Index(es):
- Date
- Thread