Full Disclosure mailing list archives
Re: glibc and alloca()
From: Graham Gower <graham.gower () gmail com>
Date: Sat, 26 Feb 2011 09:04:04 +1030
On 25 February 2011 18:52, Maksymilian Arciemowicz <cxib () securityreason com> wrote:
Chris Evans <scarybeasts <at> gmail.com> writes:Linux distribution might still have vulnerabilities in this area.proftpd use gnu libc implementation http://www.proftpd.org/docs/RELEASE_NOTES-1.3.4rc1 + Updated fnmatch implementation, using glibc-2.9 version. Version 1.3.3d may contain this issue
http://sourceware.org/git/?p=glibc.git;a=commitdiff;h=f15ce4d8dc139523fe0c273580b604b2453acba6 http://proftp.cvs.sourceforge.net/viewvc/proftp/proftpd/lib/pr_fnmatch.c?revision=1.9&view=markup http://proftp.cvs.sourceforge.net/viewvc/proftp/proftpd/lib/pr_fnmatch_loop.c?revision=1.9&view=markup Perhaps they need to update the fnmatch implementation again. -Graham _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- glibc and alloca() Chris Evans (Feb 24)
- Re: glibc and alloca() Maksymilian Arciemowicz (Feb 25)
- Re: glibc and alloca() Graham Gower (Feb 25)
- Re: glibc and alloca() Maksymilian Arciemowicz (Feb 25)