Описание
The ledger::parse_date_mask_routine function in times.cc in Ledger 3.1.1 allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted file.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| ledger | fixed | 3.1.2+dfsg1-1 | package | |
| ledger | no-dsa | stretch | package | |
| ledger | no-dsa | jessie | package | |
| ledger | no-dsa | wheezy | package |
Примечания
http://bugs.ledger-cli.org/show_bug.cgi?id=1224
https://github.com/ledger/ledger/issues/1224
https://github.com/ledger/ledger/commit/7c0ae5b02571e21f97d45f5d091cb78af9885713
Связанные уязвимости
The ledger::parse_date_mask_routine function in times.cc in Ledger 3.1.1 allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted file.
The ledger::parse_date_mask_routine function in times.cc in Ledger 3.1.1 allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted file.
The ledger::parse_date_mask_routine function in times.cc in Ledger 3.1.1 allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted file.
