Date: Wed, 7 Sep 2016 13:39:41 +0530 (IST) From: P J P <ppandit@...hat.com> To: oss security list <oss-security@...ts.openwall.com> cc: cve-assign@...re.org, vv474172261@...il.com Subject: Re: Re: CVE Request Qemu: scsi: mptsas: invalid memory access while building configuration pages +-- On Tue, 6 Sep 2016, cve-assign@...re.org wrote --+ | -----BEGIN PGP SIGNED MESSAGE----- | >> When LSI SAS1068 Host Bus emulator builds configuration page | >> headers, mptsas_config_pack() asserts to check returned size | >> value is within limit of 256 bytes. Fix that assert expression. | | Our interpretation is that this assert issue is not an independently | relevant security problem, and does not need its own unique CVE ID. That's right. Thank you. -- Prasad J Pandit / Red Hat Product Security Team 47AF CE69 3A90 54AA 9045 1053 DD13 3D32 FE5B 041F
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ