Re: pkg/55809: Webalizer seqfaults on NetBSD 9.0 and NetBSD 9.1

[Adrian Immanuel Kieß <adrian%kiess.onl@localhost>]

The following reply was made to PR pkg/55809; it has been noted by GNATS.

From: Adrian Immanuel =?ISO-8859-1?Q?Kie=DF?= <adrian%kiess.onl@localhost>
To: gnats-bugs%netbsd.org@localhost
Cc: 
Subject: Re: pkg/55809: Webalizer seqfaults on NetBSD 9.0 and NetBSD 9.1
Date: Wed, 06 Jan 2021 07:37:57 +0100

 Dear Maintainer,
 
 I have let run webalizer again, against my Apache2 logfiles, and after
 the first new month is reached, the buffer overflow detected error
 again happens.
 
 From my /var/log/messages:
 
 Jan  6 07:00:00 www3 -: www3.kiess.onl webalizer - - - buffer overflow
 detected; terminated
 
 Sincerely,
 
 Adrian KieÃ?.
 
 Le jeudi 26 novembre 2020 à 15:25 +0000, Benny Siegert a écrit :
 > The following reply was made to PR pkg/55809; it has been noted by
 > GNATS.
 > 
 > From: Benny Siegert <bsiegert%gmail.com@localhost>
 > To: gnats-bugs%netbsd.org@localhost
 > Cc: pkg-manager%netbsd.org@localhost, gnats-admin%netbsd.org@localhost,
 > pkgsrc-bugs%netbsd.org@localhost
 > Subject: Re: pkg/55809: Webalizer seqfaults on NetBSD 9.0 and NetBSD
 > 9.1
 > Date: Thu, 26 Nov 2020 16:21:49 +0100
 > 
 > Â Yes, this indicates a buffer overflow, which is a security issue.
 > This
 > Â is something that you should report upstream.
 > Â 
 > Â That said, the pkgsrc package is an older version, and version 2.23-
 > 08
 > Â (released in 2013!) says in the release notes that it fixes a buffer
 > Â overflow.
 > Â