[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Subject: Debian not vulnerable to klogd bug

We have received a report from Michal Zalewski that the klogd program
as provided by the sysklogd was vulnerable to a buffer overrun.

Debian is not affected since it uses a current version of this
package.  The bug was detected and fixed two years ago bei Leeland
Olds.  Details may be grabbed from the klogd.c source file.

Debian GNU/Linux    .    Security Managers    .    security@debian.org
  Christian Hudon     .      Wichert Akkerman     .     Martin Schulze
<chrish@debian.org>   .   <wakkerma@debian.org>   .   <joey@debian.org>

Attachment: pgpQ9562TL0Ao.pgp
Description: PGP signature

Reply to: