Subject: pkg/19335: Cyrus SASL library buffer overflows
To: None <gnats-bugs@gnats.netbsd.org>
From: None <naoki@fukaumi.org>
List: netbsd-bugs
Date: 12/10/2002 14:21:22
>Number: 19335
>Category: pkg
>Synopsis: Cyrus SASL library buffer overflows
>Confidential: no
>Severity: serious
>Priority: high
>Responsible: pkg-manager
>State: open
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Mon Dec 09 21:22:01 PST 2002
>Closed-Date:
>Last-Modified:
>Originator: FUKAUMI Naoki
>Release: NetBSD 1.6K
>Organization:
FUKAUMI Naoki
>Environment:
>Description:
Cyrus SASL 2.1.9 has buffer overflow and misc bugs.
See:
http://online.securityfocus.com/archive/1/302603
2.1.10 was released.
>How-To-Repeat:
See above web page.
>Fix:
Update to 2.1.10.
ftp://ftp.andrew.cmu.edu/pub/cyrus-mail/cyrus-sasl-2.1.10.tar.gz
>Release-Note:
>Audit-Trail:
>Unformatted: