152156 – (sylpheed) Security update 1.0.4 available

Bug 152156 - (sylpheed) Security update 1.0.4 available

Summary: (sylpheed) Security update 1.0.4 available

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	sylpheed
Sub Component:
Version:	3
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Akira TAGOH
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2005-03-25 13:55 UTC by Rob van Nieuwkerk
Modified:	2007-11-30 22:11 UTC (History)
CC List:	1 user (show)
Fixed In Version:	1.0.4-0.fc3
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2005-03-30 02:56:07 UTC
Type:	---
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Description Rob van Nieuwkerk 2005-03-25 13:55:43 UTC

From Bugzilla Helper:
User-Agent: Opera/7.54 (X11; Linux i686; U)  [en]

Description of problem:
From the sylpheed home-page: http://sylpheed.good-day.net/ :

"A newly found buffer overflow was fixed at 1.0.4. This problem exists
from 0.8.0 to 1.0.3, and from 1.9.0 to 1.9.4, so be sure to upgrade."

Version-Release number of selected component (if applicable):
sylpheed-1.0.3-0.FC3

How reproducible:
Didn't try

Steps to Reproduce:
1. don't know
2.
3.
  

Additional info:

Comment 1 Warren Togami 2005-03-27 22:37:16 UTC

http://people.redhat.com/wtogami/temp/sylpheed-1.0.4-0.fc2.i386.rpm
http://people.redhat.com/wtogami/temp/sylpheed-1.0.4-0.fc3.i386.rpm
Please test these binaries and report back.

Comment 2 Akira TAGOH 2005-03-28 08:56:06 UTC

Well, 1.0.4 works fine as usual. However, though I've tried something against a
diff file from the previous release, I couldn't find any way to reproduce this
buffer overflow. the fixed code looks good at least. so we can push it for the
update package anyway.

Comment 3 Akira TAGOH 2005-03-30 02:56:07 UTC

The updated packages are now available. closing.

Note You need to log in before you can comment on or make changes to this bug.