]> granicus.if.org Git - cracklib/commit
Apply patch to fix CVE-2016-6318
authorJan Dittberner <jan@dittberner.info>
Thu, 25 Aug 2016 15:13:49 +0000 (17:13 +0200)
committerJan Dittberner <jan@dittberner.info>
Thu, 25 Aug 2016 15:13:49 +0000 (17:13 +0200)
commit47e5dec521ab6243c9b249dd65b93d232d90d6b1
treea6ff1001ec0c95ff5fd55640106bf1c6df30de19
parent6dd94e6f70de1c0a8d895a6e83dee41034898e37
Apply patch to fix CVE-2016-6318

This patch fixes an issue with a stack-based buffer overflow whne
parsing large GECOS field. See
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6318 and
https://security-tracker.debian.org/tracker/CVE-2016-6318 for more
information.
src/NEWS
src/lib/fascist.c