Re: CAN-2005-1344: Buffer overflow in htdigest

To: Adam Conrad <adconrad@0c3.net>
Cc: Debian Apache Maintainers <debian-apache@lists.debian.org>
Subject: Re: CAN-2005-1344: Buffer overflow in htdigest
From: Martin Schulze <joey@infodrom.org>
Date: Sat, 30 Apr 2005 07:18:14 +0200
Message-id: <[🔎] 20050430051814.GR7744@finlandia.infodrom.north.de>
In-reply-to: <[🔎] 33804.165.228.245.41.1114821155.squirrel@mail.0c3.net>
References: <[🔎] 20050428053408.GR7744@finlandia.infodrom.north.de> <[🔎] 33804.165.228.245.41.1114821155.squirrel@mail.0c3.net>

Adam Conrad wrote:
> Martin Schulze wrote:
> > Are you aware of this:
> >
> >
> > http://www.lucaercoli.it/advs/htdigest.txt
> > http://www.securiteam.com/unixfocus/5EP061FEKC.html
> > http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1344
> 
> We are now.  :)  Do you have a patch, or should I fix it myself when I get
> home from the Ubuntu conference?

I have not yet taken a deeper look, so no patch.  We also need to check
whether woody is affected.

Regards,

	Joey

-- 
Never trust an operating system you don't have source for!

Reply to:

References:
- CAN-2005-1344: Buffer overflow in htdigest
  - From: Martin Schulze <joey@infodrom.org>
- Re: CAN-2005-1344: Buffer overflow in htdigest
  - From: "Adam Conrad" <adconrad@0c3.net>

Prev by Date: Re: Packaging of APR 1.1.1
Next by Date: Bug#235653: Status of Bug 235653?
Previous by thread: Re: CAN-2005-1344: Buffer overflow in htdigest
Next by thread: Packaging of APR 1.1.1
Index(es):
- Date
- Thread