Date: Thu, 12 May 2016 23:16:48 +0200 From: Moritz Muehlenhoff <jmm@...ian.org> To: oss-security@...ts.openwall.com Cc: cve-assign@...re.org Subject: Re: CVE Request : Use-after-free in openjpeg On Tue, Sep 15, 2015 at 05:33:55PM +0200, FEIST Josselin wrote: > Hi, > > Use-after-free was found in openjpeg > (https://github.com/uclouvain/openjpeg). The vuln is fixed in version > 2.1.1 and was located in opj_j2k_write_mco function. More details are > available here : https://github.com/uclouvain/openjpeg/issues/563. > Is it possible to get a CVE for this ? > > Credit goes to the static analyzer Gueb. Explicitly adding cve-assign to CC, this seems to have fallen through the cracks. Cheers, Moritz
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ