[Xymon] acknowledge.c(gi) buffer overrun
Mark Felder
feld at feld.me
Sat Jan 31 20:21:19 CET 2015
On Sat, Jan 31, 2015, at 09:24, Axel Beckert wrote:
> Hi,
>
> On Fri, Jan 23, 2015 at 02:06:27PM +0100, Christoph Berg wrote:
> > Re: J.C. Cleaver 2015-01-22 <282e3f8897d4065d851081e23f6b320c.squirrel at mail.kkytbs.net>
> > > On Thu, January 22, 2015 8:14 am, Christoph Berg wrote:
> > > > This might even deserve a CVE number, but as it's a seccgi, it's
> > > > not widely exposed.
>
> It now got a CVE-ID assigned: CVE-2015-1430
>
> See http://www.openwall.com/lists/oss-security/2015/01/31/4
>
> > > This is fixed in (unreleased) 4.3.18, via
> > > https://sourceforge.net/p/xymon/code/7483.
>
> Any news about when 4.3.18 will be officially released?
>
It has been unofficially officially released. I am shipping 4.3.18 in
FreeBSD.
More information about the Xymon
mailing list