Bug#97924: This bug was improperly merged.

To: 97924@bugs.debian.org
Subject: Bug#97924: This bug was improperly merged.
From: Ian Turner <vectro@pipeline.com>
Date: Thu, 30 Jan 2003 00:57:46 -0800
Message-id: <[🔎] 20030130085745.GA22224@pipeline.com>
Reply-to: Ian Turner <vectro@pipeline.com>, 97924@bugs.debian.org

This bug should not have been merged wiht #98017, #165448, #166306, 
#171248, #177604, or #177871; it is an unrelated problem. Those bugs are 
caused by corrupted .bin files, but this problem is not fixed by the 
deletion of those files.

This bug is most probably caused by line 29 of apt-pkg/sourcelist.cc, 
where a static array of 10 elements is allocated; more package entries 
than that causes a buffer overflow condition. This may have security 
implications, and should probably be fixed ASAP.

I suggest the following be done immediately:

retitle 97924 sources.list is parsed into fixed-size array
severity 97924 grave
unmerge 97924
tags 97924 +security
thank you

Reply to:

Follow-Ups:
- Re: Bug#97924: This bug was improperly merged.
  - From: Jason Gunthorpe <jgg@debian.org>

Prev by Date: Bug#178993: marked as done (apt: "apt-cache search -something" doesn't work)
Next by Date: Processed: Re: Bug#97924: This bug was improperly merged.
Previous by thread: Bug#178993: marked as done (apt: "apt-cache search -something" doesn't work)
Next by thread: Re: Bug#97924: This bug was improperly merged.
Index(es):
- Date
- Thread