dircproxy (1.0.5-5ubuntu0.1) feisty-security; urgency=low
* SECURITY UPDATE: irc_server.c in dircproxy 1.2.0 and earlier allows remote
attackers to cause a denial of service (segmentation fault) via an ACTION
command without a parameter, which triggers a NULL pointer dereference, as
demonstrated using a blank /me message from irssi.
* src/irc_server.c: Added fix by Steffen Joeris <[EMAIL PROTECTED]>
to fix CVE-2007-5226 (LP: #150848)
* References:
CVE-2007-5226
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=445883
-- Stephan Hermann <[EMAIL PROTECTED]> Tue, 09 Oct 2007 10:09:15 +0200
** Changed in: dircproxy (Ubuntu Feisty)
Status: Fix Committed => Fix Released
--
[CVE-2007-5226] dircproxy segfault on blank /me
https://bugs.launchpad.net/bugs/150848
You received this bug notification because you are a member of Ubuntu
Bugs, which is the bug contact for Ubuntu.
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
