|
Message-ID: <20150504074138.606524ab@pc1>
Date: Mon, 4 May 2015 07:41:38 +0200
From: Hanno Böck <hanno@...eck.de>
To: Salvatore Bonaccorso <carnil@...ian.org>
Cc: OSS Security Mailinglist <oss-security@...ts.openwall.com>,
CVE Assignments MITRE <cve-assign@...re.org>
Subject: Re: CVE request: libarchive: Out of bounds read
using malformed cpio archive
On Mon, 4 May 2015 07:35:51 +0200
Salvatore Bonaccorso <carnil@...ian.org> wrote:
> Could a CVE be assigned for the following issue in libarchive:
I've lately reported ~15 different memory access issues in libarchive.
Not sure, do you want to assign CVEs for all of them?
Wanted to wait till everything is fixed and make a big announcement
then, but given that this seems to take longer than expected I don't
know...
--
Hanno Böck
http://hboeck.de/
mail/jabber: hanno@...eck.de
GPG: BBB51E42
Content of type "application/pgp-signature" skipped
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.