Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Thu, 27 Apr 2017 16:14:27 +0200
From: Andrej Nemec <anemec@...hat.com>
To: oss-security@...ts.openwall.com
Subject: Re: CVE Request: Two memory corruption vulnerabilities
 ldns 1.7

Hello Stephan,

Unfortunately, CVE assignments are not done through this list anymore.
You need to visit [1] and request a CVE by filing out the form. Could
you please look at it and let the list know about the assigned CVE?

Thanks!

[1] https://cveform.mitre.org/

Best Regards,

-- 
Andrej Nemec, Red Hat Product Security
3701 3214 E472 A9C3 EFBE 8A63 8904 44A1 D57B 6DDA

On 04/27/2017 12:54 PM, Stephan Zeisberg wrote:
> Hi,
>
> i discovered two memory corruption vulnerabilities (double free) in ldns
> 1.7.0:
>
> * https://www.nlnetlabs.nl/bugs-script/show_bug.cgi?id=1256
> * https://www.nlnetlabs.nl/bugs-script/show_bug.cgi?id=1257
>
> and reported it to https://www.nlnetlabs.nl/bugs-script/
>
> Both fixed in upstream (in development branch):
> * for bug 1256: https://git.nlnetlabs.nl/ldns/commit/?id=c8391790
> * for bug 1257: https://git.nlnetlabs.nl/ldns/commit/?id=3bdeed02
>
> Could you please assign CVE(s) for the vulnerabilites?
>
> Thanks,
> Stephan



Download attachment "signature.asc" of type "application/pgp-signature" (820 bytes)

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ