Skip Quicknav

• About Debian
• News
• Getting Debian
• Support
• Developers' Corner
• Site map
• Search

Debian Security Advisory

libdb -- buffer overflow

Date Reported:

undated

Affected Packages:

libdb

Vulnerable:

Yes

Security database references:

No other external database security references currently available.

More information:

Libdb includes version of snprintf() function with bound checking disabled.

From the libdb (1.85.4-4) changelog:

  * PORT/linux/Makefile: SECURITY FIX: don't build broken snprintf, which
    ignores the bounds check, making programs which just *happen* to use
    libdb vulnerable...

References:

• BugTraq mail list - July 1997 (0043)

Fixes: libdb 1.85.4-4 or later

Fixed in:

All - (in release 1.1) 1.85.4-4

This page is also available in the following languages:

Deutsch español français 日本語 (Nihongo) svenska

How to set the default document language