[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: Re: [oss-security] CVE request: bzip2 CERT-FI: 20469
From: Josh Bressers <bressers () redhat ! com>
Date: 2008-03-20 0:54:15
Message-ID: 23284.1205974455 () devserv ! devel ! redhat ! com
[Download RAW message or body]
>
> I'm running version 1.0.4 through the bzip2 files now (it takes a long time
> to run, there are a lot of files). If I find the reproducer, I'll let you
> know.
>
> I saw no crashes when I ran the CERT-FI suite over bzip2 versions 1.0.1,
> 1.0.2, and 1.0.3.
>
I mailed upstream, the file we want is 1203ea663ea8545c9b66ad3ef46425d0.bz2
The problem I had with my testrunner is that the bunzip2 has a segfault
handler. Rather that properly segfaulting, it's doing an exit(2). I'm
going to rerun the suite with this new knowledge now to see what's affected
and how.
--
JB
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic