Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Tue, 15 Mar 2016 18:43:07 +0300
From: Solar Designer <solar@...nwall.com>
To: oss-security@...ts.openwall.com
Cc: La??l Cellier <lael.cellier@...oste.net>
Subject: Re: server and client side remote code execution through a buffer overflow in all git versions before 2.7.1 (unpublished cve-2016-2324 and cve-2016-2315)

Thanks for bringing this to oss-security.

On Tue, Mar 15, 2016 at 03:55:37PM +0100, La??l Cellier wrote:
> Hello, original report describing the overflow is here 
> http://pastebin.com/UX2P2jjg

Going forward, please post the actual content directly to oss-security,
not (only) via reference.  I've attached the contents of this pastebin
to this message, so that it's properly archived.

(No idea why you had "cve" obfuscated with Unicode, but I undid that.)

Alexander

View attachment "cve-2016-2315.c" of type "text/x-c" (1674 bytes)

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ