diff options
| author |   Ned Ludd <solar@gentoo.org> | 2004-06-30 00:06:18 +0000 |
|---|---|---|
| committer | Ned Ludd <solar@gentoo.org> | 2004-06-30 00:06:18 +0000 |
| commit | 0c0a5451b957fb4a2b6137dc4e8dec592190aa9d (patch) | |
| tree | a9ef79dbe988e5f6529167e019aa1585c6005030 /net-misc/pavuk/ChangeLog | |
| parent | Rollback till the new gs is fixed on ppc (diff) | |
| download | historical-0c0a5451b957fb4a2b6137dc4e8dec592190aa9d.tar.gz historical-0c0a5451b957fb4a2b6137dc4e8dec592190aa9d.tar.bz2 historical-0c0a5451b957fb4a2b6137dc4e8dec592190aa9d.zip | |
Security update. When pavuk connects to a web server and the server sends back the HTTP status code 305 (Use Proxy), pavuk copies data from the HTTP Location header in an unsafe manner. This leads to a stack-based buffer overflow with control over EIP.
Diffstat (limited to 'net-misc/pavuk/ChangeLog')
| -rw-r--r-- | net-misc/pavuk/ChangeLog | 11 |
1 files changed, 10 insertions, 1 deletions
diff --git a/net-misc/pavuk/ChangeLog b/net-misc/pavuk/ChangeLog index e04fbe6b37a4..5d191d37265c 100644 --- a/net-misc/pavuk/ChangeLog +++ b/net-misc/pavuk/ChangeLog @@ -1,6 +1,15 @@ # ChangeLog for net-misc/pavuk # Copyright 2002-2004 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/net-misc/pavuk/ChangeLog,v 1.4 2004/06/25 00:04:36 agriffis Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-misc/pavuk/ChangeLog,v 1.5 2004/06/30 00:06:18 solar Exp $ + +*pavuk-0.9.28-r2 (29 Jun 2004) + + 29 Jun 2004; <solar@gentoo.org> metadata.xml, pavuk-0.9.28-r2.ebuild, + files/pavuk-0.9.28-http.patch: + Security update. When pavuk connects to a web server and the server sends back + the HTTP status code 305 (Use Proxy), pavuk copies data from the HTTP Location + header in an unsafe manner. This leads to a stack-based buffer overflow with + control over EIP. *pavuk-0.9.28-r1 (28 Nov 2003) |