Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Mon, 16 Feb 2015 15:42:06 +0100
From: Maxin John <maxin@...inbjohn.info>
To: oss-security@...ts.openwall.com
Cc: cve-assign@...re.org, sona.sarmadi@...a.com
Subject: CVE-Request - bitbake

Hi,

Executing "bitbake -g -u depexp <package>" when DISPLAY is not
properly set causes segfault and a denial of service (through OOM) via
a crafted script.

Bug Report URL:
https://bugzilla.yoctoproject.org/show_bug.cgi?id=7299

Patch link (master branch):
http://git.openembedded.org/bitbake/commit/?id=f35e9bd7b59c180fe9a3d9177efb57b92d9cd373

Can a CVE be assigned to this please?

Thanks and Regards,
Maxin

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ