Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [day] [month] [year] [list]
Date: Thu, 6 Apr 2017 08:45:32 +0000
From: rudykewang(王永科) <rudykewang@...cent.com>
To: oss-security <oss-security@...ts.openwall.com>
Subject: CVE Request: Interger overflow vulnerability in ptp_unpack_OPL
  function of  libmtp (version 1.1.12 and below)

Hi, I find an interger overflow vulnerability in ptp-pack.c(ptp_unpack_OPL  function) of  libmtp (version 1.1.12 and below) and report it to http://libmtp.sourceforge.net.
The fix is here: https://sourceforge.net/p/libmtp/mailman/message/35729062
Could you assign a CVE number for this? This is Yongke Wang of Tencent's Xuanwu Lab (xlab.tencent.com).

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.