Package: heartbeat
Version: 1.2.5-3
Severity: important
from my authekeys
1 sha1 1234567890123456789012345678901234567890123456789012345678901234
2 sha1 12345678901234567890123456789012345678901234567890123456789012345
when using auth 2 I see this line in syslog
kernel: heartbeat[4032]: segfault at 00007fff41a00000 rip
00002b246967e217 rsp 00007fff41ae29c0 error 4
authkey 1 has no problems
Marked important as I see some sting defined with length 64 in
lib/plugins/HBauth/sha1.c
and AFAIK this could be used for buffer overflow attacks.
md5 looks unaffected.
-- System Information:
Debian Release: 4.0
APT prefers stable
APT policy: (500, 'stable')
Architecture: amd64 (x86_64)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.18-5-amd64
Locale: LANG=en_US, LC_CTYPE=en_US (charmap=ISO-8859-1)
Versions of packages heartbeat depends on:
ii add 3.102 Add and remove users and groups
ii ipr 20061002-3 Professional tools to control the
ii ipu 3:20020927-6 Tools to test the reachability of
ii lib 2.3.6.ds1-13etch4 GNU C Library: Shared libraries
ii lib 1.2.10-17 The GLib library of C routines
ii lib 1.1.2.1-2 library for the construction and h
ii lib 1.2.5-3 Plugin and Interface Loading Syste
ii lib 1:2.10.1-3 library to read temperature/voltag
ii lib 5.2.3-7 NET SNMP (Simple Network Managemen
ii lib 0.9.8c-4etch1 SSL shared libraries
ii lib 1.2.5-3 Interface for remotely powering do
ii lib 1.39+1.40-WIP-2006.11.14+dfsg-2etch1 universally unique id library
ii lib 7.6.dbs-13 Wietse Venema's TCP wrappers libra
ii psm 22.3-1 Utilities that use the proc filesy
ii pyt 2.4.4-2 An interactive high-level object-o
ii pyt 0.5.12 register and build utility for Pyt
Versions of packages heartbeat recommends:
ii iptables 1.3.6.0debian1-5 administration tools for packet fi
ii logrotate 3.7.1-3 Log rotation utility
ii sysklogd [system-log-da 1.4.1-18 System Logging Daemon
-- no debconf information
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
