Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Tue,  3 Nov 2015 15:01:45 -0500 (EST)
From: cve-assign@...re.org
To: hanno@...eck.de
Cc: cve-assign@...re.org, oss-security@...ts.openwall.com
Subject: Re: CVE request: libsndfile 1.0.25 heap overflow

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

> Unrelated, but I recently reported an out of bounds triggered by the
> test suite of libsndfile and got no reply:
> http://permalink.gmane.org/gmane.comp.audio.libsndfile.devel/681

> Out of bounds reads in psf_strlcpy_crlf when running test suite

> AddressSanitizer: global-buffer-overflow ... READ of size 1

Use CVE-2015-8075.

- -- 
CVE assignment team, MITRE CVE Numbering Authority
M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJWORIuAAoJEL54rhJi8gl57iMP/iC0/G/Y6zBNqIdmg1D0LYhs
1qvexDHsgVUgd/8E4yyRhnY8CY7IzVnLL5cyvby9SNscwxBq2N3OJ3AFwqftmXdi
Rn/Y7S7Plf+Va9hEA5HWtBL9AWbCJw9+E4TArah8ONhx45PSYjqwCFPcS6gN9NN7
CvPnnqjGlArd/H/35EuIgNoEeQr8wx/48v3quU1nFTF/pDLtHkInShpzyd11zf8e
h1Ai4P3iLHu2WP7YWqaywINJNb2qPM0M4Y2uqiNc+R4aQxUaihve1Fu1gz43TRw7
iKm3AWKtH6+De3R3kGXsLohPniAiiXOLmZHbZtUzSnwkTES/RbkKhPWmtN0cClvY
2qSzCGxNbyyhb8D+pECs1gWMrsJIVfQbOlpJ8zLofj9wptG3SsqUryO38m+5t8ud
+OrS+vXcZG2fkWvSiq4qW6OmiqE69ILXxTO8SdEKE7hTqQ17z4bKG5rqEH+HJYwF
+F4BU60gZHXxb/ZsjDzCMJzzwRQTfUSC+7P9xFKXBufZ7YCxPSelvRD2fUk/wfmv
fQpck9z5ixQpcyL4Lfc6HjTJ0vhFYbTzuBk8graJu2u6blWvMCqTHIp6/ifGzFQK
Fcwos2Fs/IvIZRmqgu7EqUvhVOcgffpV0oRSV/YEpPIeZK7XGYG4xKcUyEdjf5Cn
sDzj3GzW52Ot99MUyUYN
=rFVC
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ