Fedora
pan package

Buffer Overflow in Pan

Bug #235747 reported by Darren Albers
256
Affects Status Importance Assigned to Milestone
pan (Debian)
Fix Released
Unknown
pan (Fedora)
Confirmed
Unknown
pan (Ubuntu)
Confirmed
Low
Unassigned

Bug Description

Binary package hint: pan

Redhat has a bug for a possible buffer overflow that could result in remote code execution:
https://bugzilla.redhat.com/show_bug.cgi?id=446902

The proposed patch is at: https://bugzilla.redhat.com/attachment.cgi?id=306880

CVE References

Bug Watch Updater (bug-watch-updater)
Changed in pan:
status: Unknown → Confirmed
Darren Albers (dalbers)
Changed in pan:
status: New → Unknown
Revision history for this message
Darren Albers (dalbers) wrote :

I made this bug public to avoid duplicates since the issue was publicly reported on this applications developers list.

Bug Watch Updater (bug-watch-updater)
Changed in pan:
status: Unknown → Confirmed
Bug Watch Updater (bug-watch-updater)
Changed in pan:
status: Unknown → New
Bug Watch Updater (bug-watch-updater)
Changed in pan:
status: New → Fix Released
Revision history for this message
dagr (dag-ringdal) wrote :

I have experienced the same problem, and the program has an update which should be possible to upgrade via the Ubuntu repository. Why isn't the update downloadable via the repository?

Kees Cook (kees)
Changed in pan:
status: New → Confirmed
Marc Deslauriers (mdeslaur)
Changed in pan (Ubuntu):
importance: Undecided → Low
To post a comment you must log in.
This report contains Public Security information  
Everyone can see this security related information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.