Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-Id: <200809262326.03434.steffen.joeris@skolelinux.de>
Date: Fri, 26 Sep 2008 23:26:02 +1000
From: Steffen Joeris <steffen.joeris@...lelinux.de>
To: oss-security@...ts.openwall.com
Subject: Re: CVE id request: faad2

On Fri, 26 Sep 2008 10:49:55 pm Josh Bressers wrote:
> ----- "Steffen Joeris" <steffen.joeris@...lelinux.de> wrote:
> > Hi
> >
> > There is a heap overflow in faad2.
> > Upstream announcement:
> > http://www.audiocoding.com/
> >
> > Gentoo Bugreport:
> > http://bugs.gentoo.org/show_bug.cgi?id=238445
> >
> > Debian Bugreport:
> > http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=499899
> >
> > Upstream patch:
> > http://www.audiocoding.com/patch/main_overflow.diff
> >
> > Could I please get a CVE id for this?
>
> This has already been assigned CVE-2008-4201
> http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4201
>
> It's not live on the MITRE site yet though.
Grrr damn typo and I had a personal note that a CVE id was requested, just 
didn't find it in my inbox when searching for faud2 :/ 
Thanks for pointing it out and sorry for the noise.

Cheers
Steffen

Download attachment "signature.asc " of type "application/pgp-signature" (198 bytes)

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.