[$] What the beep?
Wednesday April 11, 2018. 11:41 PM , from LWN.net
A 'simple' utility to make a system beep is hardly the first place one would
check for security flaws, but the strange case of the 'Holey Beep'
should perhaps lead to some rethinking. A Debian advisory for the beep utility, which was followed
by another for Debian LTS, led to a
seemingly satirical site publicizing
the bug (and giving it the 'Holey Beep' name). But that site also exploits
a new flaw in the GNU
patch program—and the increased scrutiny on beep has
led to more problems being found.
Apr, Mon 23 - 06:01 CEST