Date: Wed, 15 Oct 2008 11:55:42 -0500 From: Jamie Strandboge <jamie@...onical.com> To: oss-security@...ts.openwall.com Cc: jdong@...ntu.com Subject: CVE request: jhead Hi, Marc Merlin and John Dong discovered several vulnerabilities in jhead. Upstream was contacted, who later released jhead 2.84 . Initial report can be seen in Ubuntu's bug tracker . CC'ing John, as he is who found the majority of the issues and coordinated with upstream. Jamie  http://www.sentex.net/~mwandel/jhead/changes.txt  https://bugs.launchpad.net/ubuntu/+source/jhead/+bug/271020 -- Ubuntu Security Engineer | http://www.ubuntu.com/ Canonical Ltd. | http://www.canonical.com/ Download attachment "signature.asc" of type "application/pgp-signature" (190 bytes)
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ