Bug #5482: CVE-2014-7844, CVE-2004-2771 - more mailx(1) woes - illumos gate - illumos

Bug #5482

CVE-2014-7844, CVE-2004-2771 - more mailx(1) woes

Added by Robert Mustacchi about 6 years ago. Updated about 6 years ago.

Status:

Closed

Priority:

Urgent

Assignee:

Robert Mustacchi

Category:

cmd - userland programs

Start date:

2014-12-23

Due date:

% Done:

100%

Estimated time:

Difficulty:

Medium

Tags:

Gerrit CR:

Description

mailx(1) is vulnerable to several CVEs. We've adapted the various defenses pointed out here: http://seclists.org/oss-sec/2014/q4/1066.

Updated by Electric Monk about 6 years ago

Status changed from Pending RTI to Closed

git commit 5422785d352a2bb398daceab3d1898a8aa64d006

commit  5422785d352a2bb398daceab3d1898a8aa64d006
Author: Robert Mustacchi <rm@joyent.com>
Date:   2014-12-23T22:52:59.000Z

    5481 CVE-2012-1750 mailx(1) tilde expansion vulnerability
    5482 CVE-2014-7844, CVE-2004-2771 - more mailx(1) woes
    Reviewed by: Dan McDonald <danmcd@omniti.com>
    Reviewed by: Richard Lowe <richlowe@richlowe.net>
    Approved by: Dan McDonald <danmcd@omniti.com>

Also available in: Atom PDF

Project

General

Profile

illumos gate

Custom queries

Bug #5482

CVE-2014-7844, CVE-2004-2771 - more mailx(1) woes

Updated by Electric Monk about 6 years ago