[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    Re: [oss-security] Re: CVE Request: glibc getaddrinfo() stack overflow
From:       Raphael Geissert <geissert () debian ! org>
Date:       2013-09-17 8:30:38
Message-ID: CAA7hUgEJ4RjDX_B+nUhDRT7F+Ju-VKeB9VU=6p6KY-dcdKnQTg () mail ! gmail ! com
[Download RAW message or body]

On 17 September 2013 04:27, Kurt Seifried <kseifried@redhat.com> wrote:
> I prefer things to be explicit rather than assumed =).
> Please use CVE-2013-4357  for this issue.

What exactly is that id meant to cover? do you have commit references
for the issue (singular)?
(also note that glibc#12671 is from 2011)

Or is the whole bunch of patches from extend_alloca supposed to be
CVE-noisy^Wworthy?

Cheers,
-- 
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
[prev in list] [next in list] [prev in thread] [next in thread]