Date: Thu, 21 Jul 2011 19:41:29 +0200 From: Jan Lieskovsky <jlieskov@...hat.com> To: "Steven M. Christey" <coley@...us.mitre.org>, Sebastian Krahmer <krahmer@...e.de> CC: oss-security@...ts.openwall.com Subject: CVE Request -- libgssapi, libgssglue -- Ability to load untrusted configuration file, when loading GSS mechanisms and their definitions during initialization Hello Josh, Steve, vendors, this:  https://bugzilla.novell.com/show_bug.cgi?id=694598  http://lists.suse.com/opensuse-security-announce/2011-06/msg00013.html  http://lwn.net/Alerts/449415/  https://bugzilla.redhat.com/show_bug.cgi?id=724005 doesn't seem to have CVE identifier yet (though Sebastian Krahmer requested one for related fscaps issue). Josh, Steve, could you allocate a CVE id for this?  contains also further issue description + links to SUSE patches (from ). Could not find their plaintext (*.src.rpm) version though. So Sebastian, if you could share those with us, it would be appreciated. Thank you && Regards, Jan. -- Jan iankko Lieskovsky / Red Hat Security Response Team
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ