BSDSec

deadsimple BSD Security Advisories and Announcements

MidnightBSD 1.2.10

New security update for MidnightBSD.

Description:

udf: Validate the full file entry length

Otherwise a corrupted file entry containing invalid extended attribute
lengths or allocation descriptor lengths can trigger an overflow when
the file entry is loaded.

Discovered by:
C Turt <ecturt@gmail.com>


Lucas Holt
Luke@FoolishGames.com
________________________________________________________
MidnightBSD.org (Free OS)
JustJournal.com (Free blogging)




_______________________________________________
Midnightbsd-security mailing list
Midnightbsd-security@midnightbsd.org
http://www.midnightbsd.org/mailman/listinfo/midnightbsd-security