Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Mon, 12 Jan 2015 19:36:37 +0100
From: Thijs Kinkhorst <thijs@...ian.org>
To: oss-security@...ts.openwall.com
Subject: CVE request: pigz, kgb, pax: directory traversal

Hi,

Three additional cases of directory traversal in archiving utilities have been 
reported to Debian. Please assign a CVE id to each.

- pigz
  Report: https://bugs.debian.org/774978
  Fix: 
https://github.com/madler/pigz/commit/fdad1406b3ec809f4954ff7cdf9e99eb18c2458f

- kgb
  Report: https://bugs.debian.org/774989

- pax
  Report: https://bugs.debian.org/774716 and
      http://www.openwall.com/lists/oss-security/2015/01/07/5


Thanks,

Thijs Kinkhorst
Debian security team

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ