Bug#431858: CVE-2007-3508: Integer overflow

To: Laurent Bonnaud <Laurent.Bonnaud@inpg.fr>, 431858@bugs.debian.org
Subject: Bug#431858: CVE-2007-3508: Integer overflow
From: Pierre Habouzit <madcoder@debian.org>
Date: Thu, 5 Jul 2007 21:12:58 +0200
Message-id: <[🔎] 20070705191258.GB4793@artemis.corp>
Reply-to: Pierre Habouzit <madcoder@debian.org>, 431858@bugs.debian.org
In-reply-to: <[🔎] 20070705135410.17115.21156.reportbug@irancy.lis.inpg.fr>
References: <[🔎] 20070705135410.17115.21156.reportbug@irancy.lis.inpg.fr>

On Thu, Jul 05, 2007 at 03:54:10PM +0200, Laurent Bonnaud wrote:
> Package: libc6
> Version: 2.5-11
> Severity: important
> 
> 
> Hi,
> 
> here is the problem:
> 
> http://www.gentoo.org/security/en/glsa/glsa-200707-04.xml

  FWIW this has been discussed with the security team already, there is
no way to exploit this, whatever the gentoo GLSA says. It does not mean
that we won't fix it, but it's not a big problem at all, I'm not even
sure it deserves the important severity :)

Cheers,
-- 
·O·  Pierre Habouzit
··O                                                madcoder@debian.org
OOO                                                http://www.madism.org

Attachment: pgpeZVMm4eRzJ.pgp
Description: PGP signature

Reply to:

References:
- Bug#431858: CVE-2007-3508: Integer overflow
  - From: Laurent Bonnaud <Laurent.Bonnaud@inpg.fr>

Prev by Date: r2394 - in glibc-package/branches/glibc-2.5/debian: . patches patches/hurd-i386
Next by Date: Request for build information
Previous by thread: Bug#431858: CVE-2007-3508: Integer overflow
Next by thread: Bug#431858: marked as done (CVE-2007-3508: Integer overflow)
Index(es):
- Date
- Thread