* SECURITY UPDATE: denial of service via off-by-one
- libopie/readrec.c: use strncpy so we don't overflow principal.
- http://security.freebsd.org/patches/SA-10:05/opie.patch
- CVE-2010-1938
* libopie/newseed.c: fix snprintf's length argument so opiepasswd will
generate valid seeds. (LP: #569292)
-- Marc Deslauriers <email address hidden> Thu, 17 Jun 2010 10:30:54 -0400
This bug was fixed in the package opie - 2.40~dfsg-0ubuntu2
--------------- 0ubuntu2) maverick; urgency=low
opie (2.40~dfsg-
* SECURITY UPDATE: denial of service via off-by-one security. freebsd. org/patches/ SA-10:05/ opie.patch
- libopie/readrec.c: use strncpy so we don't overflow principal.
- http://
- CVE-2010-1938
* libopie/newseed.c: fix snprintf's length argument so opiepasswd will
generate valid seeds. (LP: #569292)
-- Marc Deslauriers <email address hidden> Thu, 17 Jun 2010 10:30:54 -0400