Описание
ELSA-2009-1102: cscope security update (MODERATE)
[15.5-15.1.el5_3.1]
- Release bump to create newer nvr despite dist tag change (fc6 -> el5)
[15.5-15.el5_3.4]
- Merge incdir-overflow and snprintf patches for better readability, snprintf is used now with PATHLEN limit without other adjustments, related strlen / %.*s / *_len are no longer needed and were dropped
- Update tempsec patch, drop extraneous s(n)printf argument to suppress compiler warnings
- Update fscanf-overflows patch to perform reffile argument length check earlier, now also includes strlen-adjust-fix patch
[15.5-15.el5_3.3]
- Correcting buffer overflow fix (bz 499200)
[15.5-15.el5_3.2]
- Fix some buffer overflows (bz 499200)
Обновленные пакеты
Oracle Linux 5
Oracle Linux ia64
cscope
15.5-15.1.el5_3.1
Oracle Linux x86_64
cscope
15.5-15.1.el5_3.1
Oracle Linux i386
cscope
15.5-15.1.el5_3.1
Связанные CVE
Связанные уязвимости
Уязвимости операционной системы CentOS, позволяющие удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
Уязвимости операционной системы Red Hat Enterprise Linux, позволяющие удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
Buffer overflow in Cscope 15.5, and possibly multiple overflows, allows remote attackers to execute arbitrary code via a C file with a long #include line that is later browsed by the target.
Buffer overflow in Cscope 15.5, and possibly multiple overflows, allows remote attackers to execute arbitrary code via a C file with a long #include line that is later browsed by the target.
Buffer overflow in Cscope 15.5, and possibly multiple overflows, allows remote attackers to execute arbitrary code via a C file with a long #include line that is later browsed by the target.