Bug 218506 - CVE-2006-6169 GnuPG heap overflow
Summary: CVE-2006-6169 GnuPG heap overflow
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Fedora
Classification: Fedora
Component: gnupg
Version: 6
Hardware: All
OS: Linux
low
low
Target Milestone: ---
Assignee: Nalin Dahyabhai
QA Contact:
URL: https://bugs.g10code.com/gnupg/issue728
Whiteboard: impact=low,reported=20061128,source=g...
Depends On: 218505
Blocks:
TreeView+ depends on / blocked
 
Reported: 2006-12-05 19:38 UTC by Lubomir Kundrak
Modified: 2008-05-01 15:38 UTC (History)
0 users

Fixed In Version: 1.4.6-2
Clone Of:
Environment:
Last Closed: 2007-02-03 22:56:27 UTC
Type: ---
Embargoed:

Attachments (Terms of Use)

Description Lubomir Kundrak 2006-12-05 19:38:07 UTC 
+++ This bug was initially created as a clone of Bug #218505 +++

Description of problem:

If make_printable_string() returns a string longer than one given as an
argument, a heap-based buffer overflow occurs in openfile.c:ask_outfile_name()

Version-Release number of selected component (if applicable):

RHEL-2.1, RHEL-3, RHEL-4, RHEL-5, FC-5, FC-6
Comment 1 Nalin Dahyabhai 2007-02-03 22:56:27 UTC 
This was fixed by the update to 1.4.6-2.  Closing.
Note You need to log in before you can comment on or make changes to this bug.