Bug 144518
| Summary: | CAN-2005-0087 alsa-lib disables stack protection for it's users | ||||||
|---|---|---|---|---|---|---|---|
| Product: | Red Hat Enterprise Linux 4 | Reporter: | Brian Stein <bstein> | ||||
| Component: | alsa-lib | Assignee: | Brian Stein <bstein> | ||||
| Status: | CLOSED ERRATA | QA Contact: | |||||
| Severity: | high | Docs Contact: | |||||
| Priority: | medium | ||||||
| Version: | 4.0 | CC: | bstevens, dff, mjc, notting | ||||
| Target Milestone: | --- | Keywords: | Security | ||||
| Target Release: | --- | ||||||
| Hardware: | All | ||||||
| OS: | Linux | ||||||
| Whiteboard: | impact=important | ||||||
| Fixed In Version: | Doc Type: | Bug Fix | |||||
| Doc Text: | Story Points: | --- | |||||
| Clone Of: | Environment: | ||||||
| Last Closed: | 2005-02-15 09:25:07 UTC | Type: | --- | ||||
| Regression: | --- | Mount Type: | --- | ||||
| Documentation: | --- | CRM: | |||||
| Verified Versions: | Category: | --- | |||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||
| Embargoed: | |||||||
| Bug Depends On: | |||||||
| Bug Blocks: | 136452, 142822 | ||||||
| Attachments: |
|
||||||
|
Description
Arjan van de Ven
2005-01-07 21:45:54 UTC
Created attachment 109498 [details]
patch to fix this issue
I'm assigning this issue CAN-2005-0087 as it borderline qualifies for a CVE name under the definition of "exposure". Since this has the potential to disable stack execution protection for a large number of applications, it's violating a reasonable security stance for the RHEL4 product. An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on the solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHSA-2005-033.html |