[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    Re: [oss-security] CVE request: libarchive: Out of bounds read using malformed cpio archive
From:       Hanno =?UTF-8?B?QsO2Y2s=?= <hanno () hboeck ! de>
Date:       2015-05-04 5:41:38
Message-ID: 20150504074138.606524ab () pc1
[Download RAW message or body]


On Mon, 4 May 2015 07:35:51 +0200
Salvatore Bonaccorso <carnil@debian.org> wrote:

> Could a CVE be assigned for the following issue in libarchive:

I've lately reported ~15 different memory access issues in libarchive.
Not sure, do you want to assign CVEs for all of them?

Wanted to wait till everything is fixed and make a big announcement
then, but given that this seems to take longer than expected I don't
know...

-- 
Hanno Böck
http://hboeck.de/

mail/jabber: hanno@hboeck.de
GPG: BBB51E42

[Attachment #3 (application/pgp-signature)]

[prev in list] [next in list] [prev in thread] [next in thread]