Date: Thu, 25 Mar 2010 20:07:30 +0000 (UTC) From: Xin LI <delphij@FreeBSD.org> To: cvs-src-old@freebsd.org Subject: cvs commit: src/contrib/cpio/lib rtapelib.c Message-ID: <201003252007.o2PK7qxs076101@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
delphij 2010-03-25 20:07:30 UTC
FreeBSD src repository
Modified files: (Branch: RELENG_8)
contrib/cpio/lib rtapelib.c
Log:
SVN rev 205655 on 2010-03-25 20:07:30Z by delphij
MFC r205654:
The rmt client in GNU cpio could have a heap overflow when a malicious
remote tape service returns deliberately crafted packets containing
more data than requested.
Fix this by checking the returned amount of data and bail out when it
is more than what we requested.
PR: gnu/145010
Submitted by: naddy
Reviewed by: imp
Security: CVE-2010-0624
Revision Changes Path
1.2.2.1 +2 -1 src/contrib/cpio/lib/rtapelib.c
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201003252007.o2PK7qxs076101>