26 Mar
2007
26 Mar
'07
15:30
On Mon, Mar 26, 2007 at 05:24:19PM +0200, Matthias Ferdinand wrote:
Hello,
are SuSE/OpenSuSE distributions vulnerable to CVE-2007-1536 (file(1) buffer overflow), too? I could not find any info about that, neither at http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1536 nor at http://www.securityfocus.com/bid/23021 where many distros are mentioned, but not SuSE.
Yes. However it is likely not exploitable, the heap checking abort()s file pretty quickly. We are already preparing updates. Ciao, Marcus --------------------------------------------------------------------- To unsubscribe, e-mail: opensuse-security+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-security+help@opensuse.org