Bug 68603

Summary: should have a regression test for CVE-2013-0292
Product: dbus Reporter: Simon McVittie <smcv>
Component: GLibAssignee: Simon McVittie <smcv>
Status: RESOLVED FIXED QA Contact:
Severity: normal    
Priority: medium CC: dcbw, rob.taylor, walters
Version: unspecifiedKeywords: patch
Hardware: Other   
OS: All   
Whiteboard:
i915 platform: i915 features:
Attachments: Add a regression test for CVE-2013-0292

Description Simon McVittie 2013-08-27 11:29:29 UTC 
Created attachment 84701 [details] [review]
Add a regression test for CVE-2013-0292

Inspired by Sebastian Krahmer's 'darklena.c', which used
this bug to exploit pam_fprintd.

---

I'd intended to release this maybe a week or two after we fixed the actual vulnerability (since it makes it rather too obvious how to exploit it), but I forgot.
Comment 1 Simon McVittie 2013-10-21 11:32:11 UTC 
It's had nearly 2 months without either veto or review, so I timed out and pushed it anyway. Revert it if you object.

Fixed in git for 0.102.

Use of freedesktop.org services, including Bugzilla, is subject to our Code of Conduct. How we collect and use information is described in our Privacy Policy.