Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Fri, 06 Nov 2015 22:07:27 +0100
From: Luca Bruno <lucab@...ian.org>
To: oss-security@...ts.openwall.com
Cc: cve-assign@...re.org
Subject: Re: Re: Review+CVE request: multiple issues in redis EVAL command (lua sandbox)

On Friday 06 November 2015 12:07:30 cve-assign@...re.org wrote:

> > https://github.com/antirez/redis/issues/2854
> > https://github.com/antirez/redis/issues/2853
> > https://github.com/antirez/redis/issues/2855
> 
> As far as we can tell, 2854 and 2853 do not need to be categorized as
> vulnerability reports, but 2855 is a report of at least one
> vulnerability. See the initial CVE ID assignment below.
> [...]
> Our feeling is that the sandboxing is not (yet) intended to define a
> security boundary with any practical value, and thus ability to defeat
> the sandboxing will not have a CVE ID at present.
> [...]
> Use CVE-2015-8080 for the "getnum ... integer wraparound ... thus
> returning a negative value" vulnerability.

Thanks for the prompt and detailed review!
I understand the line of reasoning and I've no further technical comments on 
your analysis. All bug reports have been updated with appropriate references.

Cheers, Luca

--
Luca Bruno (kaeso)
 Security Engineer
 Rocket Internet SE
 -> GPG: 0xBB1A3A854F3BBEBF

Download attachment "signature.asc" of type "application/pgp-signature" (820 bytes)

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ