diff options
author | bwarsaw <> | 2006-09-11 12:13:08 +0000 |
---|---|---|
committer | bwarsaw <> | 2006-09-11 12:13:08 +0000 |
commit | 374e50f91ac9675589a9752322f0a42069ebd9c3 (patch) | |
tree | 88de4e372fad2990bf7596d68ef4396de1b66f94 | |
parent | b214da0b5df97023c56fbb5619b553dff93faf7d (diff) | |
download | mailman2-374e50f91ac9675589a9752322f0a42069ebd9c3.tar.gz mailman2-374e50f91ac9675589a9752322f0a42069ebd9c3.tar.xz mailman2-374e50f91ac9675589a9752322f0a42069ebd9c3.zip |
Fix an unexploitable format string vulnerability. Even though unexploitable,
it's still crappy coding that should be fixed. CVE-2006-2191. Thanks go to
Karl Chen, Martin 'Joey' Schulze, and Elie Mamane.
-rw-r--r-- | NEWS | 4 | ||||
-rw-r--r-- | src/common.c | 2 |
2 files changed, 5 insertions, 1 deletions
@@ -19,6 +19,10 @@ Here is a history of user visible changes to Mailman. - Several cross-site scripting issues have been fixed. Thanks to Moritz Naumann for their discovery. CVE-2006-3636 + - Fixed an unexploitable format string vulnerability. Discovery and fix + by Karl Chen. Analysis of non-exploitability by Martin 'Joey' Schulze. + Also thanks go to Lionel Elie Mamane. CVE-2006-2191. + Internationalization - New languages: Arabic, Vietnamese. diff --git a/src/common.c b/src/common.c index e46a2b09..62ed7657 100644 --- a/src/common.c +++ b/src/common.c @@ -103,7 +103,7 @@ fatal(const char* ident, int exitcode, char* format, ...) printf("The Mailman CGI wrapper encountered a fatal error. "); printf("This entry is being stored in your syslog:"); printf("\n<pre>\n"); - printf(log_entry); + printf("%s", log_entry); printf("</pre>\n"); } else |