* SECURITY UPDATE: Incomplete patch for CVE-2007-2807, buffer can still
overflow in case of strlen(ctcpbuf) returning zero (LP: #377054)
- debian/patches/02_incompCVE-2007-2807.patch: Use memmove instead of
strncpy to avoid buffer overflow. Patch from Debian.
- CVE-2007-2807
This bug was fixed in the package eggdrop - 1.6.19- 1.1ubuntu1. 9.04.1
--------------- 1.1ubuntu1. 9.04.1) jaunty-security; urgency=low
eggdrop (1.6.19-
* SECURITY UPDATE: Incomplete patch for CVE-2007-2807, buffer can still patches/ 02_incompCVE- 2007-2807. patch: Use memmove instead of
overflow in case of strlen(ctcpbuf) returning zero (LP: #377054)
- debian/
strncpy to avoid buffer overflow. Patch from Debian.
- CVE-2007-2807
-- Savvas Radevic <email address hidden> Fri, 15 May 2009 20:58:58 +0100