osh 1.7-14ubuntu0.1 source package in Ubuntu
Changelog
osh (1.7-14ubuntu0.1) breezy-security; urgency=low * [SECURITY]: Multiple buffer overflows. - main.c: Don't overwrite the return value of getenv(), which can lead to injection of environment variables and to privilege escalation (root shell). Reported by Charles Stevenson. + CVE-2005-3346 + http://bugs.debian.org/338312 - main.c: Don't overflow the buffer using the current working directory and a specially crafted filename, which can lead to arbitrary code execution. Reported by 'Solar Eclipse'. + CVE-2005-3533 - Patch for both issues backported from Debian's osh 1.7-15. -- Daniel T Chen <email address hidden> Fri, 9 Dec 2005 02:02:31 -0800
Upload details
- Uploaded by:
- Ubuntu Archive Auto-Sync
- Uploaded to:
- Breezy
- Original maintainer:
- Oohara Yuuma
- Architectures:
- any
- Section:
- shells
- Urgency:
- Low Urgency
See full publishing history Publishing
Series | Published | Component | Section |
---|
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
osh_1.7-14ubuntu0.1.dsc | 571 bytes | 5c23b2d2f553c665e33bb051a8c32ff5aa25a0b94ab94d09238fb9c77bfa067e |
osh_1.7.orig.tar.gz | 146.7 KiB | 688a9bb36cd182eeda73b87d867c8cd4f615983ee84358d325e4454eeb76d66e |
osh_1.7-14ubuntu0.1.diff.gz | 12.7 KiB | ad95774d99bf713f517ff8494dd7002356f2d4743306c3a61274a8fead3a0651 |
No changes file available.
Binary packages built by this source
- osh: No summary available for osh in ubuntu breezy.
No description available for osh in ubuntu breezy.