Bug#183312: xbase-clients: Buffer overflow in "xman"
On Tue, Mar 04, 2003 at 12:05:05PM -0500, Branden Robinson wrote:
> On Tue, Mar 04, 2003 at 03:34:27PM +0000, Colin Watson wrote:
> > I'm working on a patch for this. The xman code is riddled with static
> > buffers.
> Great, thank you. I'll gladly accept it as soon as it's ready.
I'm still on this, vacation notwithstanding; sorry for the delay.
Can I suggest that this bug should be downgraded in the meantime? xman
is not setuid and not a network service, so there's no reason why a
segfault there should be considered a security problem. Exploiting one's
own account is not interesting. :)
Colin Watson [firstname.lastname@example.org]