Date: Mon,  8 Feb 2016 11:21:44 -0500 (EST)
From: cve-assign@...re.org
To: stepan@...osunov.pp.ru
Cc: cve-assign@...re.org, oss-security@...ts.openwall.com, security@...ian.org, carnil@...ian.org
Subject: Re: CVE request - buffer overflow in xdelta3 before 3.0.9

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

> Buffer overflow was found and fixed in xdelta3 binary diff tool that
> allows arbitrary code execution from input files at least on some
> systems.

>> This appears to be fixed in xdelta3 3.0.9 and later via
>> https://github.com/jmacd/xdelta-devel/commit/ef93ff74203e030073b898c05e8b4860b5d09ef2

>>> Add appheader tests; fix buffer overflow in main_get_appheader 

Use CVE-2014-9765.

- -- 
CVE assignment team, MITRE CVE Numbering Authority
M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
-----END PGP SIGNATURE-----
