[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <20150316062556.GA7658@eldamar.local>
Date: Mon, 16 Mar 2015 07:25:56 +0100
From: Salvatore Bonaccorso <carnil@...ian.org>
To: OSS Security Mailinglist <oss-security@...ts.openwall.com>
Cc: CVE Assignments MITRE <cve-assign@...re.org>,
Tom Lee <debian@...lee.co>, Vincent Bernat <bernat@...ian.org>
Subject: CVE Request: Cap'n Proto: Several issues
Hi
Can you assign CVEs for the following issues in Cap'n Proto? Details
and fixing commits are referenced in upstream problem descriptions:
1/ Integer overflow in pointer validation
- https://github.com/sandstorm-io/capnproto/blob/master/security-advisories/2015-03-02-0-c%2B%2B-integer-overflow.md
- https://bugs.debian.org/780565
2/ Integer underflow in pointer validation
- https://github.com/sandstorm-io/capnproto/blob/master/security-advisories/2015-03-02-1-c%2B%2B-integer-underflow.md
- https://bugs.debian.org/780566
3/ CPU usage amplification attack
- https://github.com/sandstorm-io/capnproto/blob/master/security-advisories/2015-03-02-2-all-cpu-amplification.md
- https://bugs.debian.org/780567
4/ CPU usage amplification attack #2
- https://github.com/sandstorm-io/capnproto/blob/master/security-advisories/2015-03-05-0-c%2B%2B-addl-cpu-amplification.md
- https://bugs.debian.org/780568
Thanks in advance,
Regards,
Salvatore
Powered by blists - more mailing lists
Please check out the
Open Source Software Security Wiki, which is counterpart to this
mailing list.
Confused about mailing lists and their use?
Read about mailing lists on Wikipedia
and check out these
guidelines on proper formatting of your messages.
