r664 - in trunk/BOOK: . chapter01 chapter06

robert at linuxfromscratch.org robert at linuxfromscratch.org
Sun Jul 2 12:18:43 PDT 2006


Author: robert
Date: 2006-07-02 13:18:42 -0600 (Sun, 02 Jul 2006)
New Revision: 664

Modified:
   trunk/BOOK/chapter01/changelog.xml
   trunk/BOOK/chapter06/coreutils.xml
   trunk/BOOK/general.ent
Log:
Add sed command to coreutils chapter 6 to fix overflow in the 'who' command (Redhat bug #158405).

Modified: trunk/BOOK/chapter01/changelog.xml
===================================================================
--- trunk/BOOK/chapter01/changelog.xml	2006-07-01 23:38:43 UTC (rev 663)
+++ trunk/BOOK/chapter01/changelog.xml	2006-07-02 19:18:42 UTC (rev 664)
@@ -110,6 +110,9 @@
 </listitem>
 -->
 
+<listitem><para>July 2nd, 2006 [Robert]: Add sed command to coreutils chapter 6 to fix
+overflow in the 'who' command (Redhat bug #158405).</para></listitem>
+
 <listitem><para>July 1st, 2006 [Robert]: Bump to expect-5.43.0-spawn-2 patch.</para></listitem>
 
 <listitem><para>July 1st, 2006 [Robert]: Bump to make-3.81, this fixes a issue with

Modified: trunk/BOOK/chapter06/coreutils.xml
===================================================================
--- trunk/BOOK/chapter06/coreutils.xml	2006-07-01 23:38:43 UTC (rev 663)
+++ trunk/BOOK/chapter06/coreutils.xml	2006-07-02 19:18:42 UTC (rev 664)
@@ -44,6 +44,12 @@
 
 <screen><userinput>sed -e 's/^CFLAGS .*$/& -pie -fpie/' -i src/Makefile.in</userinput></screen>
 
+<para>There is a buffer overflow vulnerability in the <command>who -Hu</command> command.
+See: <ulink url="https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=158405"/> for more
+information. Fix the bug with the following command:</para>
+
+<screen><userinput>sed -e 's/IDLESTR_LEN 6/IDLESTR_LEN 10/' -i src/who.c</userinput></screen>
+
 <para>Now prepare Coreutils for compilation:</para>
 
 <screen><userinput>./configure --prefix=/usr</userinput></screen>

Modified: trunk/BOOK/general.ent
===================================================================
--- trunk/BOOK/general.ent	2006-07-01 23:38:43 UTC (rev 663)
+++ trunk/BOOK/general.ent	2006-07-02 19:18:42 UTC (rev 664)
@@ -1,6 +1,6 @@
 <?xml version="1.0" encoding="ISO-8859-1"?>
-<!ENTITY version "SVN-20060701">
-<!ENTITY releasedate "July 1st, 2006">
+<!ENTITY version "SVN-20060702">
+<!ENTITY releasedate "July 2nd, 2006">
 <!ENTITY milestone "0.3">
 
 <!ENTITY lfs-root "http://www.linuxfromscratch.org/">




More information about the hlfs-book mailing list