CVE-2009-4014

NameCVE-2009-4014
DescriptionMultiple format string vulnerabilities in Lintian 1.23.x through 1.23.28, 1.24.x through 1.24.2.1, and 2.x before 2.3.2 allow remote attackers to have an unspecified impact via vectors involving (1) check scripts and (2) the Lintian::Schedule module.
SourceCVE (at NVD; oss-sec, fulldisc, OSVDB, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SuSE, Mageia, more)
ReferencesDSA-1979-1
NVD severityhigh (attack range: remote)
Debian/oldstablenot vulnerable.
Debian/stablenot vulnerable.
Debian/testingnot vulnerable.
Debian/unstablenot vulnerable.

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
lintian (PTS)squeeze2.4.3+squeeze1fixed
wheezy2.5.10.4fixed
jessie, sid2.5.30+deb8u3fixed

The information above is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
lintiansource(unstable)2.3.2medium
lintiansourceetch1.23.28+etch1highDSA-1979-1
lintiansourcelenny1.24.2.1+lenny1highDSA-1979-1

Search for package or bug name: Reporting problems