Subject: pkg/17424: net/socks5 buffer overflows and remote exploits
To: None <gnats-bugs@gnats.netbsd.org>
From: None <olt@bogosoft.com>
List: netbsd-bugs
Date: 06/28/2002 06:42:33
>Number:         17424
>Category:       pkg
>Synopsis:       net/socks5 buffer overflows and remote exploits
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    pkg-manager
>State:          open
>Class:          change-request
>Submitter-Id:   net
>Arrival-Date:   Fri Jun 28 06:43:00 PDT 2002
>Closed-Date:
>Last-Modified:
>Originator:     Oliver Tonnhofer
>Release:        1.5ZC
>Organization:
none
>Environment:
NetBSD fud 1.5ZC NetBSD 1.5ZC (MYKERNEL) #0: Tue Apr  2 18:41:25 CEST 2002     olt@fud:/usr/src/sys/arch/i386/compile/MYKERNEL i386
>Description:
The current pkgsrc version of socks5 is 1.0r2. There are some security issues: see http://online.securityfocus.com/search -> socks5
http://online.securityfocus.com/archive/1/9842
http://online.securityfocus.com/archive/1/145055

I don't know if NetBSD is affected, but I think it is a good idea to update socks5 to 1.0.r11.

>How-To-Repeat:

>Fix:
Update socks5 to 1.0.r11
>Release-Note:
>Audit-Trail:
>Unformatted: