Bug 43437

Summary: Update port irc/ezbounce Security Fix
Product: Ports & Packages Reporter: Tilman Linneweh <tilman>
Component: Individual Port(s)Assignee: Tilman Keskinoz <arved>
Status: Closed FIXED    
Severity: Affects Only Me CC: tilman
Priority: Normal    
Version: Latest   
Hardware: Any   
OS: Any   
Attachments:
Description Flags
ezbounce.diff none

Description Tilman Linneweh 2002-09-27 22:00:13 UTC 
From ezbounce's Homepage:

July 21, 2002

Security update: patch against 1.02

A small problem exists in 1.02 that can be exploited remotely. It is an "off-by-two" error that can be exploited ONLY by users with admin privileges. Specifically, it is caused by an incorrect usage of strncat() in the "DIE" command handler. Therefore, it is not a serious security hole, but the patch is available for those uber-serious about their system safety.
Comment 1 Oliver Braun freebsd_committer freebsd_triage 2002-10-19 23:01:31 UTC 
Responsible Changed
From-To: freebsd-ports->arved

Submitter is committer now.
Comment 2 Tilman Keskinoz freebsd_committer freebsd_triage 2002-11-18 23:22:52 UTC 
State Changed
From-To: open->closed

Committed thanks