Subject: pkg/15149: [security] cyrus-sasl in packages has format string bug
To: None <gnats-bugs@gnats.netbsd.org>
From: None <naoki@fukaumi.org>
List: netbsd-bugs
Date: 01/06/2002 00:57:32
>Number: 15149
>Category: pkg
>Synopsis: Cyrus SASL library ver < 1.5.27 has format string vulnerability
>Confidential: no
>Severity: critical
>Priority: high
>Responsible: pkg-manager
>State: open
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Sat Jan 05 07:58:00 PST 2002
>Closed-Date:
>Last-Modified:
>Originator:
>Release: NetBSD 1.5Z
>Organization:
FUKAUMI Naoki
>Environment:
NetBSD 1.5Z
>Description:
See http://www.securityfocus.com/bid/3498
>How-To-Repeat:
none
>Fix:
update to 1.5.27 or apply patch
(It is from ftp://ftp.freebsd.org/pub/FreeBSD/ports/ports/security/cyrus-sasl/files/patch-lib%3A%3Acommon.c )
--- lib/common.c.orig Thu Dec 6 18:34:09 2001
+++ lib/common.c Thu Dec 6 18:34:24 2001
@@ -596,7 +596,7 @@
}
/* do the syslog call. do not need to call openlog */
- syslog(syslog_priority | LOG_AUTH, message);
+ syslog(syslog_priority | LOG_AUTH, "%s", message);
return SASL_OK;
}
>Release-Note:
>Audit-Trail:
>Unformatted: