CVE-2009-4014

Description

Multiple format string vulnerabilities in Lintian 1.23.x through 1.23.28, 1.24.x through 1.24.2.1, and 2.x before 2.3.2 allow remote attackers to have an unspecified impact via vectors involving (1) check scripts and (2) the Lintian::Schedule module.

Affected products

• Debian / lintian1.23.0 – 1.23.0
• Debian / lintian1.23.1 – 1.23.1
• Debian / lintian1.23.2 – 1.23.2
• Debian / lintian1.23.3 – 1.23.3
• Debian / lintian1.23.4 – 1.23.4
• Debian / lintian1.23.5 – 1.23.5
• Debian / lintian1.23.6 – 1.23.6
• Debian / lintian1.23.7 – 1.23.7
• Debian / lintian1.23.8 – 1.23.8
• Debian / lintian1.23.9 – 1.23.9
• Debian / lintian1.23.10 – 1.23.10
• Debian / lintian1.23.11 – 1.23.11
• Debian / lintian1.23.12 – 1.23.12
• Debian / lintian1.23.13 – 1.23.13
• Debian / lintian1.23.14 – 1.23.14
• Debian / lintian1.23.15 – 1.23.15
• Debian / lintian1.23.16 – 1.23.16
• Debian / lintian1.23.17 – 1.23.17
• Debian / lintian1.23.18 – 1.23.18
• Debian / lintian1.23.19 – 1.23.19
• Debian / lintian1.23.20 – 1.23.20
• Debian / lintian1.23.22 – 1.23.22
• Debian / lintian1.23.23 – 1.23.23
• Debian / lintian1.23.24 – 1.23.24
• Debian / lintian1.23.25 – 1.23.25
• Debian / lintian1.23.26 – 1.23.26
• Debian / lintian1.23.27 – 1.23.27
• Debian / lintian1.23.28 – 1.23.28
• Debian / lintian1.24.0 – 1.24.0
• Debian / lintian1.24.1 – 1.24.1
• Debian / lintian1.24.2 – 1.24.2
• Debian / lintian1.24.2.1 – 1.24.2.1
• Debian / lintian2.0-rc1 – 2.0-rc1
• Debian / lintian2.0-rc2 – 2.0-rc2
• Debian / lintian2.1.0 – 2.1.0
• Debian / lintian2.1.1 – 2.1.1
• Debian / lintian2.1.2 – 2.1.2
• Debian / lintian2.1.3 – 2.1.3
• Debian / lintian2.1.4 – 2.1.4
• Debian / lintian2.1.5 – 2.1.5
• Debian / lintian2.1.6 – 2.1.6
• Debian / lintian2.2.0 – 2.2.0
• Debian / lintian2.2.1 – 2.2.1
• Debian / lintian2.2.2 – 2.2.2
• Debian / lintian2.2.3 – 2.2.3
• Debian / lintian2.2.4 – 2.2.4
• Debian / lintian2.2.5 – 2.2.5
• Debian / lintian2.2.6 – 2.2.6
• Debian / lintian2.2.7 – 2.2.7
• Debian / lintian2.2.8 – 2.2.8
• Debian / lintian2.2.9 – 2.2.9
• Debian / lintian2.2.10 – 2.2.10
• Debian / lintian2.2.11 – 2.2.11
• Debian / lintian2.2.12 – 2.2.12
• Debian / lintian2.2.13 – 2.2.13
• Debian / lintian2.2.14 – 2.2.14
• Debian / lintian2.2.15 – 2.2.15
• Debian / lintian2.2.16 – 2.2.16
• Debian / lintian2.2.18 – 2.2.18
• Debian / lintian2.3.0 – 2.3.0
• Debian / lintian2.3.1 – 2.3.1

References

• VENDOR_ADVISORYhttp://secunia.com/advisories/38379
• VENDOR_ADVISORYhttp://git.debian.org/?p=lintian/lintian.git%3Ba=commit%3Bh=fbe0c92b2ef7e360d13414bf40d6af5507d0c86d
• VENDOR_ADVISORYhttp://packages.qa.debian.org/l/lintian/news/20100128T015554Z.html
• VENDOR_ADVISORYhttp://secunia.com/advisories/38375
• VENDOR_ADVISORYhttp://packages.debian.org/changelogs/pool/main/l/lintian/lintian_2.3.2/changelog
• VENDOR_ADVISORYhttp://www.debian.org/security/2010/dsa-1979
• VENDOR_ADVISORYhttp://git.debian.org/?p=lintian/lintian.git%3Ba=commit%3Bh=c8d01f062b3e5137cf65196760b079a855c75e00
• MISChttp://www.securityfocus.com/bid/37975
• VENDOR_ADVISORYhttp://www.ubuntu.com/usn/USN-891-1