Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Mon, 17 Apr 2017 10:35:51 -0700
From: Kenton Varda <>
To: Tom Lee <>,
Subject: Re: CVE Request: Cap'n Proto: Bounds check elided by compiler optimization

Whoops, apparently I'm supposed to use the web form now. Sorry!


On Mon, Apr 17, 2017 at 10:32 AM, Kenton Varda <>

> Hi oss-security and cve-assign,
> Can you assign a CVE for the following issue?
> Full details and fix covered here:
> o/capnproto/blob/master/security-advisories/2017-04-17-0-
> > Discovered by Kenton Varda
> > Some bounds checks are elided by Apple's compiler and possibly others,
> leading to a possible attack especially in 32-bit builds.
> > Although triggered by a compiler optimization, this is a bug in Cap'n
> Proto, not the compiler.
> Thanks,
> -Kenton

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ