Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Thu, 13 Mar 2014 23:16:07 +0100
From: Agostino Sarubbo <ago@...too.org>
To: oss-security@...ts.openwall.com
Cc: cve-assign@...re.org, meissner@...e.de
Subject: Re: Re: CVE request for icinga 1 byte \0 overflows

On Thursday 13 March 2014 15:30:31 cve-assign@...re.org wrote:
> > The icinga team silently fixed some single byte \0 overflows.
> > 
> > https://git.icinga.org/?p=icinga-core.git;a=commitdiff;h=73285093b71a5551a
> > bdaab0a042d3d6bae093b0d
> > 
> > (also the non public
> > https://dev.icinga.org/issues/5663
> > is referenced by commit above)
> 
> Use CVE-2014-2386.

We tracked a lot of similar issues:
https://bugs.gentoo.org/show_bug.cgi?id=fortify-source

-- 
Agostino Sarubbo
Gentoo Linux Developer

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ