Please read this before reporting a bug:
https://wiki.archlinux.org/title/Bug_reporting_guidelines
Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.
REPEAT: Do NOT report bugs for outdated packages!
https://wiki.archlinux.org/title/Bug_reporting_guidelines
Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.
REPEAT: Do NOT report bugs for outdated packages!
FS#20840 - [murmur] DoS via malformed client queries
Attached to Project:
Community Packages
Opened by Thomas (radioactiveman) - Monday, 13 September 2010, 14:34 GMT
Last edited by Sven-Hendrik Haase (Svenstaro) - Monday, 13 September 2010, 21:15 GMT
Opened by Thomas (radioactiveman) - Monday, 13 September 2010, 14:34 GMT
Last edited by Sven-Hendrik Haase (Svenstaro) - Monday, 13 September 2010, 21:15 GMT
|
DetailsDescription:
From [1]: > Through a malformed type of data is possible to force the termination > of the server due to an error in the SQL query (SQLite library). > The attacker needs to join the server to exploit it. Source and additional information: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=587713 Additional info: * package version: murmur 1.2.2-2 * fixed in murmur-git(AUR) Steps to reproduce: * Compile the .c-file with -lssl -lcrypto as parameter and execute it. Off topic: why is there no category 'Packages Community'? |
This task depends upon
Closed by Sven-Hendrik Haase (Svenstaro)
Monday, 13 September 2010, 21:15 GMT
Reason for closing: Fixed
Additional comments about closing: Niiiiiice!
Monday, 13 September 2010, 21:15 GMT
Reason for closing: Fixed
Additional comments about closing: Niiiiiice!
because there is a project called "Community Packages"
I like also the comment 'Thanks Debian, you are good for something!' :D