zoo contains exploitable buffer overflows

Arjan van de Ven arjan at fenrus.demon.nl
Mon Feb 27 09:58:50 UTC 2006


> 
> 1. apply the patch (or a cleaner one if someone writes one - not me my C
> is much too rusty) and trust other problems will be caught by glibc?

well first of all make 100% sure that -fstack-protector-all is used in
the CFLAGS, as well as -D__FORTIFY_SOURCE=2. The later works from FC3
onwards, the former only in FC5. 

> 
> 2. do not apply the patch, trust glibc to catch problems?

fixing bugs is better than catching them with a crash. Always.




More information about the Fedora-maintainers mailing list