|
Message-ID: <51A64245.9030702@redhat.com> Date: Wed, 29 May 2013 12:00:37 -0600 From: Kurt Seifried <kseifried@...hat.com> To: oss-security@...ts.openwall.com CC: Raphael Geissert <geissert@...ian.org> Subject: Re: CVE request: libraw: multiple issues -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 05/29/2013 03:18 AM, Raphael Geissert wrote: > Hi Kurt, > > On 28 May 2013 19:58, Kurt Seifried <kseifried@...hat.com> wrote: >> On 05/28/2013 02:43 AM, Raphael Geissert wrote: >>> So there's a double-free (fixed in 0.15.2[3]) > > https://github.com/LibRaw/LibRaw/commit/19ffddb0fe1a4ffdb459b797ffcf7f490d28b5a6 Please > use CVE-2013-2126 for this issue. >>> and a buffer overflow (fixed in 0.15.1[2]). > > https://github.com/LibRaw/LibRaw/commit/2f912f5b33582961b1cdbd9fd828589f8b78f21d Please > use CVE-2013-2127 for this issue. > Cheers, -- Raphael Geissert - Debian Developer www.debian.org - > get.debian.net Thanks - -- Kurt Seifried Red Hat Security Response Team (SRT) PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.13 (GNU/Linux) iQIcBAEBAgAGBQJRpkJEAAoJEBYNRVNeJnmTVZYP/R5M80Qjy91ZN3hoYmsywB7V KE8Tgwm1LsxWNvoHm5/ml7kEphNwrwPsxJeiKfZG1lql1N3I4Rd3eGLZZCn88WNk EJ1JeSDxE5XIpApnReXHBfCk3OGsHcotRhGj+7b+LCLqOcQW/f/MPQ3yVSMab8Pz QhFTg0t2TDthhAEQWi4PbwgVTPEb+UZtWo8gV4EF6rOWC45ZVOg/l5A+V0eBvt3j 7SKRqxCdx5WTd3bK/t6T1jeQQi8BKF0AJ9q36AV5QObEcdvO992BXjt+bGxfwduk xpkChFcSmO17rd+NDWREO4Xr6AdUGD0JlhNsOD+q4+l51YCeZ5a7pumMwCxGVueE uBc9ztzvt8HekYgAV3vUgjGAHHistzSVQe9LfvxSwDotzGm6HSMtpvxogOMwXJbF eTr4AOBdLeV5cEbCZ+wXvLOFxr7AuNoO/by4pEb7YMMTacfFcv4Xy6uPjFQ63STS AGVn6/kN4ZB3xVZRTUePg+xWsgGUQKkeiWiV0N37JorHrNW2F9IwPLZxU4JqGGWA mR6HTxDzN1s8IykfuHM8hI/v1AHFr18gcxDlVitcN8zQWtKYXh5leDyEAQf8oLp2 kqo/rljhijQdvhburnPBf91uJjrm7oYnrx4p5PaiG9e9oGEBZdzEe56teVOPUjjR BMZbIiKtJRQWOlZE9InY =bs8g -----END PGP SIGNATURE-----
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.