Red Hat Bugzilla – Bug 115563
CAN-2004-0097 PWlib/OpenH323 vulnerabilities
Last modified: 2007-11-30 17:10:36 EST
Vulnerabilities in PWLib were found after running the NISCC OpenH323
"Of the nearly 4500 tests in the suite, OpenH323 failed two of them,
which took three lines of code to fix. These pointed out several other
potential problems as well, so the total changes were about 20 lines."
The pwlib-1.4.7-ranges.patch applies cleanly against pwlib-1.5.0 from
Fedora Core 1.
Created attachment 97647 [details]
SPEC file to add CVE-CAN-2004-0097 ranges patch
Created attachment 97648 [details]
Patch taken from RHL 9 to address CVE-CAN-2004-0097
This patch patches cleanly against Fedora Core 1's pwlib-1.5.0.
Just a question as I stumbled on hunk #2 (#3 in the original patch) as
well: Shouldn't that function return len for this version of the code?
The return value was only changed to 0 in later versions of the code.
Changing it to 0 here might lead to unexpected results.
Well. That was basically a bugfix i applied at the same time as the
security fix. :)
*** This bug has been marked as a duplicate of 114310 ***
Yeah, I figured that out (comment #4). Had a closer look and saw the
length should not be returned by the function but only in &len.
Changed to 'CLOSED' state since 'RESOLVED' has been deprecated.