We have received a report from Michal Zalewski that the klogd program as provided by the sysklogd was vulnerable to a buffer overrun. Debian is not affected since it uses a current version of this package. The bug was detected and fixed two years ago bei Leeland Olds. Details may be grabbed from the klogd.c source file. -- Debian GNU/Linux . Security Managers . security@debian.org debian-security-announce@lists.debian.org Christian Hudon . Wichert Akkerman . Martin Schulze <chrish@debian.org> . <wakkerma@debian.org> . <joey@debian.org>
Attachment:
pgpQ9562TL0Ao.pgp
Description: PGP signature