osh 1.7-14ubuntu0.1 source package in Ubuntu
Changelog
osh (1.7-14ubuntu0.1) breezy-security; urgency=low
* [SECURITY]: Multiple buffer overflows.
- main.c: Don't overwrite the return value of getenv(), which can
lead to injection of environment variables and to privilege
escalation (root shell). Reported by Charles Stevenson.
+ CVE-2005-3346
+ http://bugs.debian.org/338312
- main.c: Don't overflow the buffer using the current working
directory and a specially crafted filename, which can lead to
arbitrary code execution. Reported by 'Solar Eclipse'.
+ CVE-2005-3533
- Patch for both issues backported from Debian's osh 1.7-15.
-- Daniel T Chen <email address hidden> Fri, 9 Dec 2005 02:02:31 -0800
Upload details
- Uploaded by:
- Ubuntu Archive Auto-Sync
- Uploaded to:
- Breezy
- Original maintainer:
- Oohara Yuuma
- Architectures:
- any
- Section:
- shells
- Urgency:
- Low Urgency
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| osh_1.7-14ubuntu0.1.dsc | 571 bytes | 5c23b2d2f553c665e33bb051a8c32ff5aa25a0b94ab94d09238fb9c77bfa067e |
| osh_1.7.orig.tar.gz | 146.7 KiB | 688a9bb36cd182eeda73b87d867c8cd4f615983ee84358d325e4454eeb76d66e |
| osh_1.7-14ubuntu0.1.diff.gz | 12.7 KiB | ad95774d99bf713f517ff8494dd7002356f2d4743306c3a61274a8fead3a0651 |
No changes file available.
Binary packages built by this source
- osh: No summary available for osh in ubuntu breezy.
No description available for osh in ubuntu breezy.
