FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

bogofilter -- heap corruption by invalid base64 input

Affected packages
bogofilter < 1.2.3
bogofilter-sqlite < 1.2.3
bogofilter-tc < 1.2.3

Details

VuXML ID f524d8e0-3d83-11e2-807a-080027ef73ec
Discovery 2012-10-17
Entry 2012-12-03

David Relson reports:

Fix a heap corruption in base64 decoder on invalid input. Analysis and patch by Julius Plenz, [FU Berlin, Germany].

References

CVE Name CVE-2012-5468
URL http://bogofilter.sourceforge.net/security/bogofilter-SA-2012-01