[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
(usagi-users 01459) [usagi-announce] [SECURITY] buffer overruns in Node Information Queries
- To: usagi-announce@xxxxxxxxxxxxxx
- Subject: (usagi-users 01459) [usagi-announce] [SECURITY] buffer overruns in Node Information Queries
- From: YOSHIFUJI Hideaki / 吉藤英明 <yoshfuji@xxxxxxxxxxxxxx>
- Date: Thu, 16 May 2002 03:47:25 +0900
- Reply-to: usagi-announce@xxxxxxxxxxxxxx
- Sender: "Hideaki YOSHIFUJI" <yoshfuji@xxxxxxxxxxxxxxxxxxxxxxxxx>
Hello,
We found a security issue (several buffer overruns) in Node Information
Query codes in our latest stable release in April. We've put fix
against this problem on our ftp site.
usagi-linux24-stable-20020408.tar.bz2 (usagi-linux24 kit) users
should apply usagi-linux24-stable-20020408_20020516-nodeinfo.fix,
and so on.
<ftp://ftp.linux-ipv6.org/pub/usagi/stable/kit/>
-rw-r--r-- 1 yoshfuji core 3800 May 16 03:00 usagi-linux22-stable-20020408_20020516-nodeinfo.fix
-rw-r--r-- 1 yoshfuji core 3811 May 16 03:01 usagi-linux24-stable-20020408_20020516-nodeinfo.fix
<ftp://ftp.linux-ipv6.org/pub/usagi/stable/split/>
-rw-r--r-- 1 yoshfuji core 2150 May 16 02:53 usagi-linux22-stable-20020408-2.2.20_20020516-nodeinfo.fix
-rw-r--r-- 1 yoshfuji core 2161 May 16 02:53 usagi-linux24-stable-20020408-2.4.18_20020516-nodeinfo.fix
-rw-r--r-- 1 yoshfuji core 1802 May 16 03:02 usagi-tool-stable-20020408_20020516-nodeinfo.fix
Though it is not confirmed yet, older stable releases may
have similar problem and above fixes sohuld apply.
Snap users are encouraged to update your source using "cvs
update -d -P -A".
Thanks.
--
Hideaki YOSHIFUJI @ USAGI Project <yoshfuji@xxxxxxxxxxxxxx>
GPG FP: 9022 65EB 1ECF 3AD1 0BDF 80D8 4807 F894 E062 0EEA