Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [day] [month] [year] [list]
Date: Mon, 02 Mar 2009 15:15:48 +0200
From: Pinar Yanardag <pinar@...dus.org.tr>
To: oss-security@...ts.openwall.com
Subject: CVE Request: mpfr (Buffer Overflow)

Hi,

A buffer overflow vulnerability has been fixed in the latest version of 
mpfr. From GNU mpfr changelog [1]:

--->8---
Changes from version 2.4.0 to version 2.4.1     
* Security fix in mpfr_snprintf and mpfr_vsnprintf (buffer overflow).

--->8---

[1]: http://www.mpfr.org/mpfr-2.4.1

Cheers,

-- 
Pinar Yanardag
http://pinguar.org
_________________________________________________________
Pardus Security Team
http://security.pardus.org.tr


Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ