Package: fakechroot Version: 2.14-1 Severity: important popen keeps a list of open FILE objects (popen_list) so it can close any previously popen()'d streams in child processes. However libfakechroot provides no corresponding pclose function. This means: 1. The potentially incompatible libc pclose functions is used instead (potentially causing a segfault or memory corruption). 2. The list is not updated when the FILE object is closed, so popen will try to close it again (potentially causing a segfault/memory corruption/double free). This can easily be fixed by importing uClibc's pclose corresponding to the popen function.
-- System Information: Debian Release: squeeze/sid APT prefers natty-updates APT policy: (500, 'natty-updates'), (500, 'natty-security'), (500, 'natty'), (500, 'lucid-updates'), (500, 'lucid-security'), (500, 'lucid') Architecture: amd64 (x86_64) Kernel: Linux 2.6.32-33-generic (SMP w/4 CPU cores) Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages fakechroot depends on: ii libc6 2.13-0ubuntu13 Embedded GNU C Library: Shared lib fakechroot recommends no packages. Versions of packages fakechroot suggests: ii libc6-i386 2.13-0ubuntu13 Embedded GNU C Library: 32-bit sha -- no debconf information -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]
