oss-sec mailing list archives

CVE id request: cbrpager

From: Tomas Hoger <thoger () redhat com>
Date: Sun, 25 May 2008 15:25:31 +0200

Hi all!

Mamoru Tasaka, cbrpager package maintainer in Fedora, discovered, that
cbrpager is affected by command execution flaw via malicious file
names in a similar way as comix was affected (as discussed on this list
previously - http://www.openwall.com/lists/oss-security/2008/03/31/1 ).

Mamoru's patch was accepted in the new upstream version - 0.9.17.

Further details and links in:
https://bugzilla.redhat.com/show_bug.cgi?id=448285

-- 
Tomas Hoger / Red Hat Security Response Team

Current thread:

CVE id request: cbrpager Tomas Hoger (May 25)
- Re: CVE id request: cbrpager Robert Buchholz (May 26)