[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: Re: [oss-security] CVE request: GnuPG 2
From: Josh Bressers <bressers () redhat ! com>
Date: 2010-07-26 19:27:40
Message-ID: 694276987.1555921280172460532.JavaMail.root () zmail01 ! collab ! prod ! int ! phx2 ! redhat ! com
[Download RAW message or body]
----- "Florian Weimer" <fw@deneb.enyo.de> wrote:
> GnuPG 2.0 before version 2.0.17 reuses a freed pointer when verifying
> a signature or importing a certificate with many Subject Alternate
> Names, possibly allowing context-dependent attacks to execute
> arbitrary code.
>
> <http://lists.gnupg.org/pipermail/gnupg-announce/2010q3/000302.html>
Please use CVE-2010-2547.
Thanks.
--
JB
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic