A flaw in libHX was fixed. When HX_split() is called with a maximum number of desired fields (the fourth argument is not 0), passing in a string that has fewer fields than that led to a buffer overrun (write beyond end of malloc'd area). This can lead to a remote denial of service on any network services that use libHX.
This flaw affects all versions of libHX up to and including version 3.5.
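The defensive pattern for the case described above, as an added example that is not part of the original report and is not libHX's code: the function `split_bounded`, its helper `free_fields`, and the "last field keeps the remainder" semantics are assumptions made for illustration. It sizes the array and bounds the loop by the smaller of the requested maximum and the number of fields actually present.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical bounded splitter, NOT libHX's HX_split(). Assumed semantics:
 * at most `max` fields (0 = no limit); the last field keeps the remainder. */
char **split_bounded(const char *s, const char *delims, size_t max, size_t *nfields)
{
    /* Fields actually present: one more than the number of delimiters. */
    size_t present = 1;
    for (const char *p = s; (p = strpbrk(p, delims)) != NULL; ++p)
        ++present;
    /* Use min(present, max) for both the allocation and the loop bound, so
     * a short input can never make the loop write past the array. */
    size_t n = (max != 0 && max < present) ? max : present;
    size_t len = strlen(s) + 1;
    char **out = calloc(n + 1, sizeof(*out));   /* +1 for the NULL terminator */
    char *work = malloc(len);                   /* private, writable copy of s */
    if (out == NULL || work == NULL) { free(out); free(work); return NULL; }
    memcpy(work, s, len);

    char *cur = work;
    size_t i = 0;
    for (; i + 1 < n; ++i) {
        char *end = strpbrk(cur, delims);
        if (end == NULL)            /* defensive: input ran out of fields */
            break;
        *end = '\0';
        out[i] = cur;
        cur = end + 1;
    }
    out[i++] = cur;                 /* last field: whatever is left */
    out[i] = NULL;
    *nfields = i;
    return out;
}

/* All fields point into one buffer that starts at out[0]. */
void free_fields(char **out) { if (out != NULL) { free(out[0]); free(out); } }

int main(void)
{
    size_t n;
    char **f = split_bounded("a:b", ":", 5, &n);   /* constructed: 2 fields, max 5 */
    if (f == NULL) return 1;
    printf("%zu fields, last=\"%s\"\n", n, f[n - 1]);
    free_fields(f);
    return 0;
}
```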
Created libHX tracking bugs for this issue
Affects: fedora-all [bug 625867]
This has been assigned the name CVE-2010-2947.
Does this bug need to be open any longer?
No, the dependencies are satisfied (as this has been fixed in Fedora). Thanks for the reminder. Closing.