[prev in list] [next in list] [prev in thread] [next in thread]
List: busybox
Subject: Re: LZO security bug might affect Busybox
From: Denys Vlasenko <vda.linux () googlemail ! com>
Date: 2014-06-30 8:17:26
Message-ID: 201406301017.27051.vda.linux () googlemail ! com
[Download RAW message or body]
On Saturday 28 June 2014 15:33, Isaac Dunham wrote:
> There's an integer overflow in LZO (LMS-2014-06-16-1):
> http://www.openwall.com/lists/oss-security/2014/06/26/20
>
> I suspect that this affects Busybox; the code would be in
> archival/libarchive/lzo1x_d.c
> But I wouldn't be able to verify that or to fix it.
Thanks for the report.
Fixed in git just now.
_______________________________________________
busybox mailing list
busybox@busybox.net
http://lists.busybox.net/mailman/listinfo/busybox
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic