Date: Fri, 14 Mar 2014 23:35:40 +0800 From: Qixue Xiao <s2exqx@...il.com> To: oss-security@...ts.openwall.com Subject: CVE request for a bug in gnu coreutils 8.22 I am not sure whether this needs a CVE. this bug will result an illegal memory access, which may be leak information without authority. and the author had fixed it after my report. please see: http://debbugs.gnu.org/cgi/bugreport.cgi?bug=16855 ### Bug overview shuf -er or shuf -eer [ segment fault] impact [coreutils 8.22 ] ``` [15:03:59]xqx <at> server:~/data/xqx/projects/coreutils-8.22$ ./obj-gcov/src/shuf -er Segmentation fault (core dumped) ``` thanks .
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ