|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Subject: Re: another Xlib buffer overflow
From: Matthieu Herrb (matthieu
LAAS.FR)Date: Fri Oct 13 2000 - 16:37:01 CDT
- Next message: debian-security-announceLISTS.DEBIAN.ORG: "[SECURITY] New version of Debian php4 packages released (updated)"
- Previous message: Renzo Toma: "Apache 1.3.14 Released"
- In reply to: Michal Zalewski: "another Xlib buffer overflow"
- Next in thread: Cy Schubert - ITSD Open Systems Group: "Re: another Xlib buffer overflow"
- Next in thread: Robert van der Meulen: "Re: another Xlib buffer overflow"
- Reply: Matthieu Herrb: "Re: another Xlib buffer overflow"
- Reply: Cy Schubert - ITSD Open Systems Group: "Re: another Xlib buffer overflow"
- Reply: Kris Kennaway: "Re: another Xlib buffer overflow"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
You wrote (in your message from Friday 13)
>
> Vulnerable object: XFree 3.3.x Xlib (no data on 4.0.x); no mention of fix
> in "security issues" page at www.xfree86.org.
>
It was fixed in XFree86 4.0. From the CHANGELOG:
XFree86 3.9Nu (13 January 1999)
[...]
2141. Fix some sun_path overflows in xtrans.
-- Matthieu
- Next message: debian-security-announceLISTS.DEBIAN.ORG: "[SECURITY] New version of Debian php4 packages released (updated)"
- Previous message: Renzo Toma: "Apache 1.3.14 Released"
- In reply to: Michal Zalewski: "another Xlib buffer overflow"
- Next in thread: Cy Schubert - ITSD Open Systems Group: "Re: another Xlib buffer overflow"
- Next in thread: Robert van der Meulen: "Re: another Xlib buffer overflow"
- Reply: Matthieu Herrb: "Re: another Xlib buffer overflow"
- Reply: Cy Schubert - ITSD Open Systems Group: "Re: another Xlib buffer overflow"
- Reply: Kris Kennaway: "Re: another Xlib buffer overflow"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]