tags 701897 squeeze unreproducible
--
I have tried the PoC proposed by the original reported, but
have different outcomes:
- On a running squeeze distribution, nothing happens. No
segfaults, in particular.
- On a wheezy machine, I downloaded version 2.6.3's .dsc
from the QA page's link, configured, and built it; When I
run the PoC, I get:
grep: memory exhausted
which is the same result that I get when I use the version
installed on the machine.The notes on the Debian Security Tracker, however, suggest that the segfault is reproducible. It would be interesting to know other voices on this. I tag the issue with `squeeze' because it is the only possibly vulnerable version (<2.11). -- Gianluca Ciccarelli GPG key ID: 0x39BBDB6C
signature.asc
Description: Digital signature
