Re: Accepted lynx 2.8.5-2sarge1 (source powerpc)
Thomas Dickey <dickey@radix.net> wrote:
> On Sat, Nov 12, 2005 at 10:10:08AM +0100, Martin Schulze wrote:
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA1
>>
>> Format: 1.7
>> Date: Sat, 8 Oct 2005 09:23:11 +0200
>> Source: lynx
>> Binary: lynx
>> Architecture: source powerpc
>> Version: 2.8.5-2sarge1
>> Distribution: stable-security
>> Urgency: high
>> Maintainer: Martin Schulze <joey@debian.org>
>> Changed-By: Martin Schulze <joey@infodrom.org>
>> Description:
>> lynx - Text-mode WWW Browser
>> Changes:
>> lynx (2.8.5-2sarge1) stable-security; urgency=high
>> .
>> * Non-maintainer upload by the Security Team
>> * Applied patch by Ulf Härnhammar to fix buffer overflow that can lead
>> to arbitrary code execution [WWW/Library/Implementation/HTMIME.c,
>> CAN-2005-3120]
> I wrote the patch. Ulf reported the problem.
hmm - I was being too optimistic. Ulf's original patch, which I see in
the diff, changes the behavior from a core dump to truncating the data
(and giving the wrong result). I'd rather that the code work than simply
replace one bug with another.
--
Thomas E. Dickey
http://invisible-island.net
ftp://invisible-island.net
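
The distinction drawn in the reply above, between a fix that truncates and one that keeps the data intact, shown as an added example. It is not part of the original message and is not lynx's code; `FIELD_MAX`, `store_truncating`, `struct strbuf` and `strbuf_append` are hypothetical names, and the sample header value in the comments is constructed.

```c
#include <stdlib.h>
#include <string.h>

#define FIELD_MAX 16  /* constructed fixed size, not a value from lynx */

/* Truncating fix: never writes past dst, but silently drops the tail.
 * Returns the number of input bytes that were lost, so a caller can at
 * least detect that the stored value is wrong. */
size_t store_truncating(char dst[FIELD_MAX], const char *src)
{
    size_t len = strlen(src);
    size_t keep = len < FIELD_MAX - 1 ? len : FIELD_MAX - 1;

    memcpy(dst, src, keep);
    dst[keep] = '\0';
    return len - keep;
}

/* Growing buffer: capacity follows the input, so nothing is lost. */
struct strbuf { char *data; size_t len, cap; };

/* Appends n bytes of src. Returns 0 on success, -1 on failure; on
 * failure the buffer is unchanged and still valid. */
int strbuf_append(struct strbuf *b, const char *src, size_t n)
{
    if (n > (size_t)-1 - b->len - 1)
        return -1;                     /* length arithmetic would wrap */

    size_t need = b->len + n + 1;      /* +1 for the terminating NUL */
    if (need > b->cap) {
        size_t cap = b->cap ? b->cap : FIELD_MAX;
        while (cap < need) {
            if (cap > (size_t)-1 / 2) { cap = need; break; }
            cap *= 2;
        }
        char *p = realloc(b->data, cap);
        if (p == NULL)
            return -1;
        b->data = p;
        b->cap = cap;
    }
    memcpy(b->data + b->len, src, n);
    b->len += n;
    b->data[b->len] = '\0';
    return 0;
}
```

With a constructed 29-byte value such as `text/html; charset=iso-8859-1`, the truncating version stores `text/html; char` and reports 14 bytes lost, while the growing version holds the full string.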