This bug was fixed in the package usbmuxd - 1.0.7-1ubuntu0.11.10.1
---------------
usbmuxd (1.0.7-1ubuntu0.11.10.1) oneiric-security; urgency=high
* SECURITY UPDATE: fix possible buffer overflow
- 90-cve-2012-0065.patch: use strncpy() instead of strcpy in
libusbmuxd/libusbmuxd.c receive_packet() with a size that
ensures we don't overflow dev->serial_number
- CVE-2012-0065
- LP: #919435
-- Leo Iannacone <[email protected]> Sun, 29 Jan 2012 16:14:32 +0100
** Changed in: usbmuxd (Ubuntu Oneiric)
Status: Fix Committed => Fix Released
** Changed in: usbmuxd (Ubuntu Natty)
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/919435
Title:
buffer overflow introduced in 1.0.7 (CVE-2012-0065)
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/usbmuxd/+bug/919435/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
