Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Fri, 10 Apr 2015 15:58:33 +0200
From: Tomas Hoger <>
To: Joshua Rogers <>
Cc: "" <>
Subject: Re: CVE Request: MySQL Null Pointer Dereference

On Fri, 10 Apr 2015 18:46:47 +1000 Joshua Rogers wrote:

> Could I get a CVE-ID assigned for this bug?:

I believe this kind of issues is not considered security / needing CVE
without further justification.  The problem here only occurs if
malloc(small_value) fails.  Considering how small the value is and that
it's not attacker controlled, it's fairly non-obvious if attacker has
any practical chance of triggering this bug.

Tomas Hoger / Red Hat Product Security

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ