Debian Security Advisory
DSA-035-1 man2html -- remote denial of service
- Date Reported:
- 07 Mar 2001
- Affected Packages:
- man2html
- Vulnerable:
- Yes
- Security database references:
- In the Debian bugtracking system: Bug 28024, Bug 78195.
In Mitre's CVE dictionary: CVE-2001-0457. - More information:
- It has been reported that one can tweak man2html remotely
into consuming all available memory. This has been fixed by Nicolás Lichtmaier
with help of Stephan Kulow.
We recommend you upgrade your man2html package immediately.
- Fixed in:
-
Debian 2.2 (potato)
- Source:
-
http://security.debian.org/dists/stable/updates/main/source/man2html_1.5.orig.tar.gz
-
http://security.debian.org/dists/stable/updates/main/source/man2html_1.5-23.dsc
-
http://security.debian.org/dists/stable/updates/main/source/man2html_1.5-23.diff.gz
- alpha:
-
http://security.debian.org/dists/stable/updates/main/binary-alpha/man2html_1.5-23_alpha.deb
- arm:
-
http://security.debian.org/dists/stable/updates/main/binary-arm/man2html_1.5-23_arm.deb
- i386:
-
http://security.debian.org/dists/stable/updates/main/binary-i386/man2html_1.5-23_i386.deb
- m68k:
-
http://security.debian.org/dists/stable/updates/main/binary-m68k/man2html_1.5-23_m68k.deb
- powerpc:
-
http://security.debian.org/dists/stable/updates/main/binary-powerpc/man2html_1.5-23_powerpc.deb
- sparc:
-
http://security.debian.org/dists/stable/updates/main/binary-sparc/man2html_1.5-23_sparc.deb