[Bug 278978] Re: [CVE-2008-3962] allow remote attackers to obtain sensitive information
Launchpad Bug Tracker
278978 at bugs.launchpad.net
Wed Oct 22 20:11:34 BST 2008
This bug was fixed in the package ssmtp - 2.62-1ubuntu3
---------------
ssmtp (2.62-1ubuntu3) intrepid; urgency=low
* SECURITY UPDATE: allow remote attackers to obtain sensitive
information (LP: #278978)
* debian/patches/02-CVE-2008-3962: adjust in ssmtp.c to fix
unitialized memory disclosure.
* SECURITY UPDATE: Buffer overflow (LP: #282424)
* debian/patches/03_fix_buffer_overflow: adjust ssmtp.c to fix
a buffer overflow with using 2 bytes in length instead of one in buffer.
* References:
CVE-2008-3962
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=498366
-- Stefan Ebner <sebner at ubuntu.com> Tue, 07 Oct 2008 16:22:39 +0200
** Changed in: ssmtp (Ubuntu)
Status: Confirmed => Fix Released
--
[CVE-2008-3962] allow remote attackers to obtain sensitive information
https://bugs.launchpad.net/bugs/278978
You received this bug notification because you are a member of Ubuntu
Sponsors for universe, which is a direct subscriber.
More information about the Ubuntu-universe-sponsors
mailing list