Subject: zoo: buffer overflow when processing archives Package: zoo Version: 2.10-16 Severity: grave Justification: user security hole Tags: security
Hello, Jean-Sébastien Guay-Leroux has found a buffer overflow vulnerability in zoo: o http://secunia.com/advisories/19002/ o http://seclists.org/lists/fulldisclosure/2006/Feb/0572.html The full-disclosure post includes a patch. // Ulf Harnhammar -- System Information: Debian Release: testing/unstable APT prefers testing APT policy: (500, 'testing') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.12-1-686 Locale: LANG=en_US, LC_CTYPE=en_US (charmap=ISO-8859-1) Versions of packages zoo depends on: ii libc6 2.3.5-13 GNU C Library: Shared libraries an zoo recommends no packages. -- no debconf information