
Bug#155529: marked as done (libc6: potentially security-relevant flaw in calloc)



Your message dated Tue, 05 Nov 2002 17:58:45 +0900
with message-id <80iszc9yuy.wl@oris.opensource.jp>
and subject line libc6: potentially security-relevant flaw in calloc
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--------------------------------------
Received: (at submit) by bugs.debian.org; 5 Aug 2002 15:01:32 +0000
>From Weimer@cert.uni-stuttgart.de Mon Aug 05 10:01:32 2002
Return-path: <Weimer@cert.uni-stuttgart.de>
Received: from mail.cert.uni-stuttgart.de [129.69.16.17] 
	by master.debian.org with esmtp (Exim 3.12 1 (Debian))
	id 17bjMS-0006v6-00; Mon, 05 Aug 2002 10:01:32 -0500
Received: from rusfw by Mail.CERT.Uni-Stuttgart.DE with local (Exim 4.04)
	id 17bjMR-0004sU-00; Mon, 05 Aug 2002 17:01:31 +0200
Subject: libc6: potentially security-relevant flaw in calloc
From: "Florian Weimer" <Weimer@CERT.Uni-Stuttgart.DE>
To: "Debian Bug Tracking System" <submit@bugs.debian.org>
X-Mailer: reportbug 1.99.47
Date: Mon, 05 Aug 2002 17:01:31 +0200
Message-Id: <E17bjMR-0004sU-00@Mail.CERT.Uni-Stuttgart.DE>
Delivered-To: submit@bugs.debian.org

Package: libc6
Version: 2.2.5-12
Severity: important

calloc() contains an integer overflow which means that in some cases,
the allocated buffer is too small. See the following page for details:

http://cert.uni-stuttgart.de/advisories/calloc.php

Currently, no specific threats are known; that's why this bug is not
critical, but the patch from the GNU libc CVS should be applied
nevertheless, IMHO.

-- System Information:
Debian Release: 3.0
Architecture: i386
Kernel: Linux CERT 2.4.18-xfs-1.1 #1 SMP Tue Jul 30 09:26:30 CEST 2002 i686
Locale: LANG=C, LC_CTYPE=en_US

-- no debconf information


---------------------------------------
Received: (at 155529-done) by bugs.debian.org; 5 Nov 2002 08:58:48 +0000
>From gotom@debian.or.jp Tue Nov 05 02:58:48 2002
Return-path: <gotom@debian.or.jp>
Received: from oris.opensource.jp (oris.opensource.gr.jp) [218.44.239.73] ([JuOjha4BMLEu99ULTW/fcOq2hQYkTV+l])
	by master.debian.org with esmtp (Exim 3.12 1 (Debian))
	id 188zXr-0003to-00; Tue, 05 Nov 2002 02:58:48 -0600
Received: from oris.opensource.jp (oris.opensource.jp [218.44.239.73])
	by oris.opensource.gr.jp (Postfix) with ESMTP id 0B5E1C33C1
	for <155529-done@bugs.debian.org>; Tue,  5 Nov 2002 17:58:46 +0900 (JST)
Date: Tue, 05 Nov 2002 17:58:45 +0900
Message-ID: <80iszc9yuy.wl@oris.opensource.jp>
From: GOTO Masanori <gotom@debian.or.jp>
To: 155529-done@bugs.debian.org
Subject: libc6: potentially security-relevant flaw in calloc
User-Agent: Wanderlust/2.9.9 (Unchained Melody) SEMI/1.14.3 (Ushinoya)
 FLIM/1.14.3 (=?ISO-8859-4?Q?Unebigory=F2mae?=) APEL/10.3 Emacs/21.2
 (i386-debian-linux-gnu) MULE/5.0 (SAKAKI)
MIME-Version: 1.0 (generated by SEMI 1.14.3 - "Ushinoya")
Content-Type: text/plain; charset=US-ASCII
Delivered-To: 155529-done@bugs.debian.org
X-Spam-Status: No, hits=-0.5 required=5.0
	tests=SPAM_PHRASE_00_01,USER_AGENT
	version=2.41
X-Spam-Level: 

This bug is fixed in current woody/sid.


