NetBSD-Users archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: NetBSD's libbz2 affected by this?
Just wanted to remind that this is still unfixed, hell, it's not even
mentioned on the NetBSD security page! It should at least be mentioned
there since it possibly allows arbitrary code execution! And there are a
_LOT_ of apps there that use bzip2, it's even used in networking
applications, which means a remote attacker could take control over the
user that runs the app! Apps like GnuPG use it, rendering them totally
useless if private keys can be stolen through this bug!
It seems like nobody of the devs cares, but this is URGENT! The bug is
known for too long now and it is assumed that arbitrary code execution
is likely, it won't take long until someone succeeds in exploiting it if
it allows arbitrary code execution!
--
Jonathan
Home |
Main Index |
Thread Index |
Old Index