On Fri, 2005-12-02 at 10:13 -0700, Michal Jaegermann wrote: > If those headers are stored without checks in some fixed size memory > region, and headers are bigger than that, then bad things will > happen. Backtraces you posted suggest that stack was indeed corrupted. > In such case this is a security issue.
If we can prove the issue and reproduce it, we need to alert vendor-sec for a CVE, and then keep quite about it until the public date is reached. -- Jesse Keating RHCE (geek.j2solutions.net) Fedora Legacy Team (www.fedoralegacy.org) GPG Public Key (geek.j2solutions.net/jkeating.j2solutions.pub) Was I helpful? Let others know: http://svcs.affero.net/rm.php?r=jkeating -- fedora-legacy-list mailing list [email protected] https://www.redhat.com/mailman/listinfo/fedora-legacy-list
