Control: tags -1 moreinfo
On 2013-02-17 19:12, Mike Miller wrote:
> Package: release.debian.org
> Severity: normal
> User: release.debian....@packages.debian.org
> Usertags: unblock
>
> Dear Release Team,
>
Hi,
> Please unblock package openconnect, version 3.20-3 already uploaded to
> unstable. This upload fixes RC bug #700794 (CVE-2012-6128), a
> stack-based buffer overflow vulnerability.
>
> The fix was made upstream and this change is a backport of that patch to
> version 3.20. The debdiff is included below. Thanks in advance.
>
>
> [...]
> ++
> ++static void buf_append(struct oc_text_buf *buf, const char *fmt, ...)
> ++{
> [...]
> ++ buf->data = realloc(buf->data, new_buf_len);
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
As mentioned in #700805, this line introduces a memory leak if realloc
fails for any reason.
[...]
I believe this bug also affects the version uploaded to proposed-updates
(i.e. 2.25-0.1+squeeze2).
~Niels
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
