[1550] in linux-security and linux-alert archive
[linux-security] Vulnerability in Elm-ME+
daemon@ATHENA.MIT.EDU (John Goerzen)
Fri May 16 01:58:00 1997
Date: Thu, 15 May 1997 11:54:17 -0500
From: John Goerzen <jgoerzen@happy.cs.twsu.edu>
To: bugtraq@netspace.org, linux-security@redhat.com
Cc: hurtta+elm@ozone.FMI.FI
Resent-From: linux-security@redhat.com
Reply-To: linux-security@redhat.com
Hello,
I have confirmed that the recently-reported vulnerability in Elm is also
present in Elm-ME+ and thus also in Debian GNU/Linux version 1.2, prerelease
version 1.3, and development tree "unstable".
Below is a short diff to correct the problem.
Debian GNU/Linux 1.2.x uses stock Elm 2.4pl25. Users of that version of Elm
should upgrade to Elm-ME+ as detailed below.
Debian 1.3 (currently in prerelease) will come with Elm-ME+. You should
upgrade to the latest Elm-ME+.
You can download the binary package immediately from:
ftp://happy.cs.twsu.edu/pub/Debian/binaries/elm-me+_2.4pl25ME+31-5_i386.deb
Updated source packages and diffs are under /pub/Debian/sources on the same
server.
I have released the updated package to Debian's master server, and should
show up in distributions shortly.
John Goerzen
--- elm-me+-2.4pl25ME+31.orig/src/curses.c
+++ elm-me+-2.4pl25ME+31/src/curses.c
@@ -131,7 +131,7 @@
if ((termenv = getenv("TERM")) == NULL) return(-1);
- if (strcpy(termname, termenv) == NULL)
+ if (strncpy(termname, termenv, sizeof(termname)) == NULL)
return(-1);
if ((err = tgetent(_terminal, termname)) != 1)