CVE-2009-0363: multiple remote buffer overflows
Bug #329165 reported by
Anders Kaseorg
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
barnowl (Ubuntu) |
Fix Released
|
Medium
|
Unassigned | ||
Jaunty |
Fix Released
|
Undecided
|
Unassigned | ||
owl (Debian) |
Fix Released
|
Unknown
|
|||
owl (Ubuntu) |
Fix Released
|
Medium
|
Unassigned | ||
Jaunty |
Won't Fix
|
Medium
|
Unassigned |
Bug Description
Binary package hint: owl
owl and BarnOwl are affected by multiple buffer overflows that are remotely exploitable. These vulnerabilities are fixed in BarnOwl 1.0.5:
http://
(BarnOwl is a fork of the unmaintained owl project that fixes many important bugs and adds new features. It is usable as a drop-in replacement for owl.)
CVE References
Changed in owl: | |
status: | Unknown → New |
Changed in owl (Ubuntu): | |
status: | New → Confirmed |
Changed in owl (Ubuntu): | |
importance: | Undecided → Medium |
status: | Confirmed → Fix Released |
Changed in owl (Ubuntu Jaunty): | |
importance: | Undecided → Medium |
status: | New → Confirmed |
Changed in barnowl (Ubuntu Jaunty): | |
status: | New → Fix Released |
Changed in owl (Debian): | |
status: | New → Fix Released |
To post a comment you must log in.
Please sync barnowl (1.0.5-1) from Debian unstable (main).
barnowl (1.0.5-1) unstable; urgency=high
* New upstream release
* Fix use of sprintf in zwrite.c and zcrypt.c that is likely to be
exploitable
* Enable fortify_source and stack protector to reduce impact of similar
problems in the future.
* Together, fixes: CVE-2009-0363t3; Closes: #495056
-- Sam Hartman <email address hidden> Wed, 11 Feb 2009 11:08:36 -0500