[Pkg-openldap-devel] Bug#375494: Preparation of the next stable Debian GNU/Linux update (I)

Holger Levsen debian at layer-acht.org
Tue Sep 19 21:45:25 UTC 2006


Hi,

On Saturday 16 September 2006 19:39, Moritz Muehlenhoff wrote:
> > Please explain why you think that putting arbitrary long strings into
> > fixed= sized buffers is not a security problem, preferedly in the
> > bugreport.
> The buffer overflow can only be triggered through a file only root can
> write to.

Thanks for your explainations (also to Joey), forwarded to the BTS.


regards,
	Holger
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.alioth.debian.org/pipermail/pkg-openldap-devel/attachments/20060919/97f2c16b/attachment.pgp


More information about the Pkg-openldap-devel mailing list