I'm no C expert at all, but it appears to me that 1.55-1ubuntu1 is not affected:
- w_read in policyd.c uses MAXLINE for length already
- the sanity check in sockets.c does not seem to apply for sockets.c in 1.55
(http://svn.linuxrulz.org/WebSVN/diff.php?repname=Policyd&path=%2Ftrunk%2Fsockets.c&rev=4&sc=1)
Please double-check my investigations!
** Changed in: postfix-policyd (Ubuntu Dapper)
Status: New => Incomplete
--
buffer overflow in w_read function (possible DoS and execution of arbitary code)
https://bugs.launchpad.net/bugs/136687
You received this bug notification because you are a member of Ubuntu
Bugs, which is the bug contact for Ubuntu.
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
