Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Wed, 01 Apr 2015 21:29:20 +0200
From: Florian Weimer <fw@...eb.enyo.de>
To: oss-security@...ts.openwall.com
Subject: CVE request: Buffer overflow in das_watchdog

This was privately reported to Debian, but the developer published a
fix before we could assign a CVE ID.

Adam Sampson discovered that das_watchdog, a daemon to detect and
pause real-time processes which are misbehaving, contains an
exploitable buffer overflow in the handling of the XAUTHORITY
environment variable.

Upstream commit:

<https://github.com/kmatheussen/das_watchdog/commit/bd20bb02e75e2c>

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.