Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Sat, 8 Oct 2016 10:15:55 -0300
From: Gustavo Grieco <>
Subject: CVE request: invalid memory accesses parsing object files in libgit2


We recently reported two invalid memory accesses in the last revision
of libgit2:

* Read out-of-bounds in git_oid_nfmt:

* DoS using a null pointer derreference in git_commit_message:

The developers are preparing a patch to harden object parsing in libgit2 here:

Please assign one or more CVE if suitable.


Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ