Mandriva: Subject: [Security Announce] [ MDVSA-2008:201 ] pan
LinuxSecurity.com: Pavel Polischouk found a boundary error in the PartsBatch class in the Pan newsreader when processing .nzb files, which could allow remote attackers to cause a denial of serice (application crash) or possibly execute arbitrary code via a crafted .nzb file (CVE-2008-2363). The updated packages have been patched to prevent this issue.
AU_CLASS(3) BSD Library Functions Manual AU_CLASS(3)NAME
getauclassent, getauclassent_r, getauclassnam, getauclassnam_r, setauclass, endauclass -- look up information from the audit_class database
LIBRARY
Basic Security Module Library (libbsm, -lbsm)
SYNOPSIS
#include <bsm/libbsm.h>
struct au_class_ent *
getauclassent(void);
struct au_class_ent *
getauclassent_r(struct au_class_ent *e);
struct au_class_ent *
getauclassnam(const char *name);
struct au_class_ent *
getauclassnam_r(struct au_class_ent *e, const char *name);
void
setauclass(void);
void
endauclass(void);
DESCRIPTION
These interfaces may be used to look up information from the audit_class(5) database, which describes audit event classes. Audit event
classes are described by struct au_class_ent.
The getauclassent() function will return the next class found in the audit_class(5) database, or the first if the function has not yet been
called. NULL will be returned if no further records are available.
The getauclassnam() function looks up a class by name. NULL will be returned if no matching class can be found.
The setauclass() function resets the iterator through the audit_class(5) database, causing the next call to getauclassent() to start again
from the beginning of the file.
The endauclass() function closes the audit_class(5) database, if open.
SEE ALSO libbsm(3), audit_class(5)HISTORY
The OpenBSM implementation was created by McAfee Research, the security division of McAfee Inc., under contract to Apple Computer, Inc., in
2004. It was subsequently adopted by the TrustedBSD Project as the foundation for the OpenBSM distribution.
AUTHORS
This software was created by Robert Watson, Wayne Salamon, and Suresh Krishnaswamy for McAfee Research, the security research division of
McAfee, Inc., under contract to Apple Computer, Inc.
The Basic Security Module (BSM) interface to audit records and audit event stream format were defined by Sun Microsystems.
BUGS
These routines cannot currently distinguish between an entry not being found and an error accessing the database. The implementation should
be changed to return an error via errno when NULL is returned.
BSD April 19, 2005 BSD