Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [day] [month] [year] [list]
Date: Wed, 1 Apr 2015 10:34:19 +0200
From: William Robinet <william.robinet@...ostix.com>
To: oss-security@...ts.openwall.com
Subject: CVE-2015-1845, CVE-2015-1846 - unzoo - Buffer overflow & Infinite
 loop

Dear oss-security list,

Two issues have been fixed in the "unzoo" package from Fedora EPEL.

CVE-2015-1845 unzoo:
    Buffer overflow in EntrReadArch()
    https://bugzilla.redhat.com/show_bug.cgi?id=1207645

CVE-2015-1846 unzoo:
    Infinite loop due to incorrect pointers handling in ExtrArch()/ListArch()
    https://bugzilla.redhat.com/show_bug.cgi?id=1207647


William
(Please note I'm not a member of the list)

-- 
GPG Key ID/Fingerprint:
    74C7A949/B509 4137 1353 A3FC 6A87  AA06 003F A3DF 74C7 A949

Conostix S.A.
4, Rue d'Arlon
L-8399 Windhof (Koerich)
T. +352 26 10 30 61
F. +352 26 10 30 62

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ