[prev in list] [next in list] [prev in thread] [next in thread]
List: suse-security
Subject: PINE and holes
From: Tobias Burnus <burnus () gmx ! de>
Date: 2000-10-31 20:21:06
[Download RAW message or body]
Hi,
the FreeBSD has recently issued two security warnings concerning PINE
4.21
SA-00:47: pine4 port allows denial of service
SA-00:59: pine4 port contains remote vulnerability
ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:47.pine.asc
http://www.securityfocus.com/frames/?content=/templates/archive.pike%3Fthreads%3D0%26e \
nd%3D2000-11-04%26fromthread%3D0%26mid%3D142048%26list%3D1%26start%3D2000-10-29%26
and on the pine site they claim that they fixed these security related
bugs in 4.30.
> Bugs that have been addressed in this release include:
>
> * Incoming mail with an extremely long From address can cause a
> buffer overflow on the stack (security)
> * X-Keywords crash for unix formatted mailboxes
> * Pine crashes when replying to or forwarding messages with certain
> types of attachments
Can we expect an update or is SuSE's 4.21-123 not vulnerable to either
bugs.
Tobias
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic