Ubuntu
audit package

  1. Bug #216117
  2. Comment #6

Comment 6 for bug 216117

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package audit - 1.5.4-0ubuntu1.1

---------------
audit (1.5.4-0ubuntu1.1) gutsy-security; urgency=low

  * SECURITY UPDATE: (LP: #216117)
   + debian/patches/CVE-2008-1628.patch
    - Stack-based buffer overflow in the audit_log_user_command function in
      lib/audit_logging.c in Linux Audit before 1.7 might allow remote
      attackers to execute arbitrary code via a long command argument.
  * References
   + http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2008-1628
   + http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=475227

 -- Emanuele Gentili <email address hidden> Sat, 12 Apr 2008 23:52:13 +0200