Red Hat Bugzilla – Bug 146929
prozilla 1.3.6 has exploitable security holes
Last modified: 2007-11-30 17:10:59 EST
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.3)
Description of problem:
prozilla 1.3.6 has a number of buffer overflows that are exploitable. See:
These bugs are fixed in prozilla 18.104.22.168. Please update the version in
Fedora Extras from http://prozilla.genesys.ro/ .
Version-Release number of selected component (if applicable):
Steps to Reproduce:
I tried the exploit given in the Bugtraq article on my i386 box. It
didn't give me a shell, but it did crash prozilla with a segfault.
Still no build request.
Sadly prozilla 22.214.171.124 also has some remotely exploitable security
holes. I've packaged up prozilla 126.96.36.199, which fixes these holes
thanks to some gentoo folks, but this is still in pre-release testing.
I'll let you know when prozilla 188.8.131.52 is released.
prozilla 184.108.40.206 is available <http://prozilla.genesys.ro/?p=download>. From NEWS:
"* Support for downloading files > 2GB.
* Fix a remotely exploitable format string security bug.
* Fix bugs in the handling of bad command-line options. Previously
prozilla would return the success status code, even though it failed.
Now it returns failure.
* Fix a segfault. This occurred when prozilla could not assemble a file
due to lack of disk space and the user chose to abort the operation.
* Fix some typos."
220.127.116.11-1 is in the repos.