[Bug 216117] Re: [CVE-2008-1628] buffer overflow in lib/audit_logging.c
Launchpad Bug Tracker
216117 at bugs.launchpad.net
Mon Apr 21 14:45:02 BST 2008
This bug was fixed in the package audit - 1.6.5-0ubuntu3
---------------
audit (1.6.5-0ubuntu3) hardy; urgency=low
* SECURITY UPDATE: (LP: #216117)
+ debian/patches/CVE-2008-1628.patch
- Stack-based buffer overflow in the audit_log_user_command function in
lib/audit_logging.c in Linux Audit before 1.7 might allow remote
attackers to execute arbitrary code via a long command argument.
* References
+ http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2008-1628
+ http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=475227
-- Emanuele Gentili <emgent at emanuele-gentili.com> Sun, 13 Apr 2008
00:03:01 +0200
** Changed in: audit (Ubuntu Hardy)
Status: In Progress => Fix Released
--
[CVE-2008-1628] buffer overflow in lib/audit_logging.c
https://bugs.launchpad.net/bugs/216117
You received this bug notification because you are a member of Ubuntu
Sponsors for universe, which is a direct subscriber.
More information about the Ubuntu-universe-sponsors
mailing list