Date: Tue, 25 Feb 2014 00:56:42 +0200 From: Henri Salo <henri@...v.fi> To: oss-security@...ts.openwall.com Subject: CVE request: hexchat buffer overflow Can I get 2013 CVE for buffer overflow issue in hexchat, thanks. Bug report: https://github.com/hexchat/hexchat/issues/463 Fixed in commit: https://github.com/hexchat/hexchat/commit/8996baa35ee12556a7bf402e3568193dbafec5f1 Exploit: http://packetstorm.igor.onlinedirect.bg/1304-exploits/hexchat-overflow.txt More information: http://osvdb.org/92115 hexchat was recently accepted to Debian unstable: http://packages.qa.debian.org/h/hexchat.html I haven't verified this vulnerability or exploit. --- Henri Salo [ CONTENT OF TYPE application/pgp-signature SKIPPED ]
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ