Debian Security Advisory
libdb -- buffer overflow
- Date Reported:
- undated
- Affected Packages:
- libdb
- Vulnerable:
- Yes
- Security database references:
- No other external database security references currently available.
- More information:
-
Libdb includes a version of the snprintf() function with bounds checking
disabled.
From the libdb (1.85.4-4) changelog:
* PORT/linux/Makefile: SECURITY FIX: don't build broken snprintf, which ignores the bounds check, making programs which just *happen* to use libdb vulnerable...
References:
Fixes: libdb 1.85.4-4 or later
- Fixed in:
- All - (in release 1.1) 1.85.4-4
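
A way to check whether the snprintf() a program resolves to enforces its size argument, added here as an example and not taken from the advisory or from libdb. The names unbounded_snprintf and honors_bound are hypothetical, and the stand-in only imitates the behaviour the changelog describes.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

typedef int (*snprintf_fn)(char *, size_t, const char *, ...);

/* Hypothetical stand-in for a bound-ignoring snprintf: the size argument is
 * accepted but never used. Written for this example; not libdb's source. */
static int unbounded_snprintf(char *buf, size_t size, const char *fmt, ...)
{
    va_list ap;
    int n;

    (void)size;                      /* the bound is silently dropped */
    va_start(ap, fmt);
    n = vsprintf(buf, fmt, ap);
    va_end(ap);
    return n;
}

/* Returns 1 if fn stays inside the size it was told, 0 if it writes past it.
 * The arena is larger than the formatted output, so the probe itself never
 * overflows even when fn ignores the bound. */
static int honors_bound(snprintf_fn fn)
{
    char arena[64];
    const size_t claimed = 8;        /* size we tell fn it may use */
    size_t i;

    memset(arena, 0x5A, sizeof arena);                 /* sentinel fill */
    fn(arena, claimed, "%s", "0123456789abcdefghij");  /* 20 chars + NUL */

    if (arena[claimed - 1] != '\0')  /* output must be cut and terminated */
        return 0;
    for (i = claimed; i < sizeof arena; i++)
        if (arena[i] != 0x5A)        /* any byte past the bound was touched */
            return 0;
    return 1;
}

int main(void)
{
    printf("libc snprintf honors bound: %d\n", honors_bound(snprintf));
    printf("stand-in honors bound:      %d\n", honors_bound(unbounded_snprintf));
    return 0;
}
```

Linking the probe the same way as the program under review (same libraries, same order) shows which snprintf definition that program actually gets.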