Date: Tue, 5 May 2009 16:45:13 +0200 From: Tomas Hoger <thoger@...hat.com> To: OSS Security <oss-security@...ts.openwall.com> Cc: coley@...re.org Subject: Old cscope buffer overflow Hi! If you're preparing cscope updates for CVE-2009-0148 and you may still be shipping packages based on 15.5, you may want to have a look at: https://bugzilla.redhat.com/show_bug.cgi?id=499174 Steve, as the first public report for this is from 2006: https://bugzilla.redhat.com/show_bug.cgi?id=189666 I believe 2006 CVE id is needed here. If you only ship 15.6 or later, you can ignore this mail. -- Tomas Hoger / Red Hat Security Response Team
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ