Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Mon, 8 Feb 2016 11:19:14 +0400
From: Stepan Golosunov <>
Cc:, Salvatore Bonaccorso <>
Subject: CVE request - buffer overflow in xdelta3 before 3.0.9


Buffer overflow was found and fixed in xdelta3 binary diff tool that
allows arbitrary code execution from input files at least on some

08.02.2016 в 06:57:12 +0100 Salvatore Bonaccorso написал:
> On Sun, Feb 07, 2016 at 07:05:12PM +0400, Stepan Golosunov wrote:
> > This appears to be fixed in xdelta3 3.0.9 and later via
> >
> Can you request a CVE as well on the oss-security mailinglist or from
> MITRE directly? (You can keep us in the loop).

Doing so.

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ