This bug was fixed in the package opie - 2.40~dfsg-0ubuntu1.10.04.1
---------------
opie (2.40~dfsg-0ubuntu1.10.04.1) lucid-security; urgency=low
* SECURITY UPDATE: denial of service and possible code execution via
off-by-one
- libopie/readrec.c: use strncpy so we don't overflow principal.
- http://security.freebsd.org/patches/SA-10:05/opie.patch
- CVE-2010-1938
* libopie/newseed.c: fix snprintf's length argument so opiepasswd will
generate valid seeds. (LP: #569292)
-- Marc Deslauriers <marc.deslauri...@ubuntu.com> Tue, 08 Jun 2010 11:19:07
-0400
** Changed in: opie (Ubuntu Lucid)
Status: Confirmed => Fix Released
** Changed in: opie (Ubuntu Karmic)
Status: Incomplete => Fix Released
--
opiepasswd does not always generate valid seeds
https://bugs.launchpad.net/bugs/569292
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
