MDKSA-2002:026

Nom du paquet

libsafe

Date

2002-04-11

Advisory ID

MDKSA-2002:026

Affected versions

SNF7.2 i586 , CS1.0 i586 , 8.1 i586 , 8.0 i586 , 8.2 i586 , 7.1 i586 , 7.2 i586

Problem description

Wojciech Purczynski discovered that format string protection in libsafe can be easily bypassed by using flag characters that are implemented in glibc but are not implemented in libsafe. It was also discovered that *printf function wrappers incorrectly parse argument indexing in format strings, making some incorrect assumptions on the number of arguments and conversion specifications. These problems were fixed by the libsafe authors in 2.0-12.

Updated packages

SNF7.2 i586

 4a709ce0e447ee0b419adfd29a8c3e5e  snf7.2/RPMS/libsafe-2.0.13-1.3mdk.i586.rpm
07f1c27a01efc4934d4ecf21c9b16519  snf7.2/SRPMS/libsafe-2.0.13-1.3mdk.src.rpm

CS1.0 i586

 2e5051889cc2aa3c6aec0f9e284d627c  1.0.1/RPMS/libsafe-2.0.13-1.2mdk.i586.rpm
9a8f35d46d0f59b02cfdde585ad26520  1.0.1/SRPMS/libsafe-2.0.13-1.2mdk.src.rpm

8.1 i586

 2ec21f68a7521aed44aa5d31be8d7da9  8.1/RPMS/libsafe-2.0.13-1.2mdk.i586.rpm
9a8f35d46d0f59b02cfdde585ad26520  8.1/SRPMS/libsafe-2.0.13-1.2mdk.src.rpm

8.0 i586

 1d0a81906bbc693b0509816013acac98  8.0/RPMS/libsafe-2.0.13-1.2mdk.i586.rpm
9a8f35d46d0f59b02cfdde585ad26520  8.0/SRPMS/libsafe-2.0.13-1.2mdk.src.rpm

8.2 i586

 4de44dea8f94c02d3f4350479dafe4e5  8.2/RPMS/libsafe-2.0.13-1.2mdk.i586.rpm
9a8f35d46d0f59b02cfdde585ad26520  8.2/SRPMS/libsafe-2.0.13-1.2mdk.src.rpm

7.1 i586

 2e5051889cc2aa3c6aec0f9e284d627c  7.1/RPMS/libsafe-2.0.13-1.2mdk.i586.rpm
9a8f35d46d0f59b02cfdde585ad26520  7.1/SRPMS/libsafe-2.0.13-1.2mdk.src.rpm

7.2 i586

 4a709ce0e447ee0b419adfd29a8c3e5e  7.2/RPMS/libsafe-2.0.13-1.3mdk.i586.rpm
07f1c27a01efc4934d4ecf21c9b16519  7.2/SRPMS/libsafe-2.0.13-1.3mdk.src.rpm

References

• http://online.securityfocus.com/bid/4326
• http://online.securityfocus.com/bid/4327