tags 701897 squeeze unreproducible -- I have tried the PoC proposed by the original reported, but have different outcomes: - On a running squeeze distribution, nothing happens. No segfaults, in particular. - On a wheezy machine, I downloaded version 2.6.3's .dsc from the QA page's link, configured, and built it; When I run the PoC, I get: grep: memory exhausted which is the same result that I get when I use the version installed on the machine.
The notes on the Debian Security Tracker, however, suggest that the segfault is reproducible. It would be interesting to know other voices on this. I tag the issue with `squeeze' because it is the only possibly vulnerable version (<2.11). -- Gianluca Ciccarelli GPG key ID: 0x39BBDB6C
signature.asc
Description: Digital signature