Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Mon, 16 Mar 2015 07:25:56 +0100
From: Salvatore Bonaccorso <carnil@...ian.org>
To: OSS Security Mailinglist <oss-security@...ts.openwall.com>
Cc: CVE Assignments MITRE <cve-assign@...re.org>,
	Tom Lee <debian@...lee.co>, Vincent Bernat <bernat@...ian.org>
Subject: CVE Request: Cap'n Proto: Several issues

Hi

Can you assign CVEs for the following issues in Cap'n Proto? Details
and fixing commits are referenced in upstream problem descriptions:

1/ Integer overflow in pointer validation
  - https://github.com/sandstorm-io/capnproto/blob/master/security-advisories/2015-03-02-0-c%2B%2B-integer-overflow.md
  - https://bugs.debian.org/780565

2/ Integer underflow in pointer validation
  - https://github.com/sandstorm-io/capnproto/blob/master/security-advisories/2015-03-02-1-c%2B%2B-integer-underflow.md
  - https://bugs.debian.org/780566

3/ CPU usage amplification attack
  - https://github.com/sandstorm-io/capnproto/blob/master/security-advisories/2015-03-02-2-all-cpu-amplification.md
  - https://bugs.debian.org/780567

4/ CPU usage amplification attack #2
  - https://github.com/sandstorm-io/capnproto/blob/master/security-advisories/2015-03-05-0-c%2B%2B-addl-cpu-amplification.md
  - https://bugs.debian.org/780568

Thanks in advance,

Regards,
Salvatore

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ