New Search

RHSA-2008:0946 -- ed security update (Moderate)

oval:org.mitre.oval:def:29199

An updated ed package that fixes one security issue is now available for Red Hat Enterprise Linux 2.1 3 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. ed is a line-oriented text editor used to create display and modify text files (both interactively and via shell scripts). A heap-based buffer overflow was discovered in the way ed the GNU line editor processed long file names. An attacker could create a file with a specially-crafted name that could possibly execute an arbitrary code when opened in the ed editor. (CVE-2008-3916) Users of ed should upgrade to this updated package which contains a backported patch to resolve this issue.

Family:
unix
Status:
ACCEPTED
Platform(s):
  • CentOS Linux 3
  • Red Hat Enterprise Linux 3
  • Red Hat Enterprise Linux 4
  • CentOS Linux 2
  • CentOS Linux 5
  • Red Hat Enterprise Linux 5
Class:
patch
Reference(s):
  • RHSA-2008:0946
  • CESA-2008:0946-CentOS 3
  • CESA-2008:0946-CentOS 2
  • CESA-2008:0946-CentOS 5
  • CVE-2008-3916
Product(s):
  • ed