Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Thu, 29 May 2014 02:53:24 -0400 (EDT)
From: cve-assign@...re.org
To: rdecvalle@...are.com
Cc: cve-assign@...re.org, oss-security@...ts.openwall.com
Subject: Re: Fwd: [ruby-core:62800] [ruby-trunk - Bug #9709] Large string causes SEGV with x64-mingw32

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

> https://bugs.ruby-lang.org/issues/9709
> https://bugs.ruby-lang.org/projects/ruby-trunk/repository/revisions/45534

> * string.c (str_buf_cat): should round up the capacity by 4KiB,
>   but not number of rooms.   [Bug #9709]

> -     capa = (total + 4095) / 4096;
> +     capa = (total + 4095) / 4096 * 4096;

Use CVE-2014-3916.

- -- 
CVE assignment team, MITRE CVE Numbering Authority
M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (SunOS)

iQEcBAEBAgAGBQJThtdWAAoJEKllVAevmvmscQ4H/RsUSP/RBota103N7qNmMXOs
Lvt843wccI7jGQxtGXRgtqh8cIZqVPsbbZ/qkvEhbQDHkWdnE37qeHpPudhsJ/tG
SLpiYAlr7oOjX1g3jXP1eViuuUWlv6rISO0uT3FDBbPmWO//yqWA0Wg3bCsYSGIp
n4uDiMwJLO4nmx9LcJSZpT2Wsz+aqMuZKU0SN1HAcg/Br4odhhlos+6P98NHs8hk
JTyWe3kWimvKm55lRF/TI7YqPNAWayc/UOypT8WLnCZ6l5y9K2kizO6xRymfPZCI
YjWgdu/pcpRz2Oa5r7sR76jHqxuTTMJP2t6W+BSa+Ob4m63q9qRUx73rv2JU8HM=
=pWl2
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ