'Re: [oss-security] CVE Request: null ptr deref in lame v3.99.5'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    Re: [oss-security] CVE Request: null ptr deref in lame v3.99.5
From:       Moritz Muehlenhoff <jmm () debian ! org>
Date:       2015-02-26 18:16:53
Message-ID: 20150226181653.GA24970 () inutil ! org
[Download RAW message or body]

On Thu, Feb 26, 2015 at 12:08:25PM -0600, Brian Carpenter wrote:
> Bug reports:
> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=777160
> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=777161
> 
> Fixed by Debian patch here:
> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775959
> 
> Tracker:
> https://tracker.debian.org/news/672916
> 
> Issue appears to be fixed in the Debian repos and in the upstream source,
> however, no upstream release has been made yet (3.99.5 is still available
> for download on Sourceforge).

This has already been requested two weeks ago:
http://www.openwall.com/lists/oss-security/2015/02/12/8

Cheers,
        Moritz
[prev in list] [next in list] [prev in thread] [next in thread]

Configure | About | News | Add a list | Sponsored by KoreLogic