Comment 5 for bug 1187001

Hi

Thanks. Also note the use of crypt() in a multithreaded application. Must be crypt_r().

CU,
      Arno

Seth Arnold <email address hidden> wrote:
>I think this hasn't been addressed in part because it didn't get a CVE
>number: http://openwall.com/lists/oss-security/2013/07/12/4
>
>Since the service appears to be restarting without qualm, I can see why
>it didn't get a CVE, but this does seem less than awesome.
>
>Mancha made a lot of patches for services when the crypt() change
>happened, here's an email from him with upstream patch and two
>backported patches: http://openwall.com/lists/oss-security/2013/07/12/3
>
>--
>You received this bug notification because you are subscribed to the
>bug
>report.
>https://bugs.launchpad.net/bugs/1187001
>
>Title:
> saslauthd[26791]: segfault at 0 ip b71de6f1 sp bfcd2d9c error 4 in
> libc-2.17.so[b7160000+1ad000]
>
>To manage notifications about this bug go to:
>https://bugs.launchpad.net/ubuntu/+source/cyrus-sasl2/+bug/1187001/+subscriptions

--
Sent from my Android device with K-9 Mail. Please excuse my brevity.