Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <498D4E36.2070403@pardus.org.tr>
Date: Sat, 07 Feb 2009 11:02:46 +0200
From: Pinar Yanardag <pinar@...dus.org.tr>
To: oss-security@...ts.openwall.com
Subject: CVE Request: pycrypto

Hi,

There's a buffer overflow in pycrypto ARC2 module. Can you assign a CVE?

Test case: http://gitweb2.dlitz.net/?p=crypto/pycrypto-2.x.git;a=commitdiff;h=fd73731dfad451a81056fbb01e09aa78ab82eb5d
Patch: http://gitweb2.dlitz.net/?p=crypto/pycrypto-2.x.git;a=commitdiff;h=d1c4875e1f220652fe7ff8358f56dee3b2aba31b

Cheers,

-- 
Pinar Yanardag
http://pinguar.org
_____________________________

Pardus Security Team
http://security.pardus.org.tr


Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.