Date: Thu, 06 Nov 2014 17:07:07 +1100
From: Joshua Rogers <>
Subject: CVE-Request: dpkg handling of 'control' and warnings format string

A format string vulnerability has been found in the latest version
of dpkg.

An example is:

> dpkg -i --dry-run
> '/home/www/'
> dpkg: warning: parsing file '/tmp/dpkg.heOSnC/control' near line 2
> package 'backup:01f15700.00431828.00000001.00000001.0000001a':
>  '%08x.%08x.%08x.%08x.%08x
> Description: Stuff
> maintainer: Joshua Rogers
> version: 1
> ' is not a valid architecture name: escription: Stuff
> maintainer: Joshua Rogers
> version: 1

The vulnerable function, warningv([..]), is called in many other places,
and is not limited to '-i'.

Could I get a CVE-ID for this?

-- Joshua Rogers <>
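
The bug class reported above, shown as an added example that is not part of the original message and is not dpkg's code: a printf-style warning sink is safe only when its format argument is a constant and package-supplied text is passed as an argument. The names `warn_fmt`, `warn_bad_arch` and `count_conversions` are hypothetical, and the input string is constructed from the specifiers visible in the report.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-in for a printf-style warning sink (not dpkg's code). */
static int warn_fmt(char *out, size_t n, const char *fmt, ...)
{
    va_list ap;
    int r;
    va_start(ap, fmt);
    r = vsnprintf(out, n, fmt, ap);
    va_end(ap);
    return r;
}

/* Count printf conversions in s, ignoring the "%%" escape. A non-zero
 * result for data taken from a package means it must never be used as fmt. */
static int count_conversions(const char *s)
{
    int count = 0;
    for (; *s; s++) {
        if (*s != '%')
            continue;
        if (s[1] == '%') { s++; continue; }
        count++;
    }
    return count;
}

/* UNSAFE call shape (left as a comment on purpose):
 *     warn_fmt(out, n, field);            // field is parsed as a format
 * SAFE call shape: constant format, untrusted text only as an argument. */
static int warn_bad_arch(char *out, size_t n, const char *file, int line,
                         const char *field)
{
    return warn_fmt(out, n, "parsing file '%s' near line %d: "
                    "'%s' is not a valid architecture name",
                    file, line, field);
}

int main(void)
{
    char out[256];
    const char *field = "%08x.%08x.%08x.%08x.%08x"; /* constructed input */
    warn_bad_arch(out, sizeof out, "control", 2, field);
    printf("%d conversions in field\n%s\n", count_conversions(field), out);
    return 0;
}
```

Building with `-Wformat -Wformat-security` (GCC and Clang) flags calls where a non-literal string is passed as the format with no further arguments.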
