Date: Thu, 27 Apr 2017 16:14:27 +0200 From: Andrej Nemec <anemec@...hat.com> To: oss-security@...ts.openwall.com Subject: Re: CVE Request: Two memory corruption vulnerabilities ldns 1.7 Hello Stephan, Unfortunately, CVE assignments are not done through this list anymore. You need to visit  and request a CVE by filing out the form. Could you please look at it and let the list know about the assigned CVE? Thanks!  https://cveform.mitre.org/ Best Regards, -- Andrej Nemec, Red Hat Product Security 3701 3214 E472 A9C3 EFBE 8A63 8904 44A1 D57B 6DDA On 04/27/2017 12:54 PM, Stephan Zeisberg wrote: > Hi, > > i discovered two memory corruption vulnerabilities (double free) in ldns > 1.7.0: > > * https://www.nlnetlabs.nl/bugs-script/show_bug.cgi?id=1256 > * https://www.nlnetlabs.nl/bugs-script/show_bug.cgi?id=1257 > > and reported it to https://www.nlnetlabs.nl/bugs-script/ > > Both fixed in upstream (in development branch): > * for bug 1256: https://git.nlnetlabs.nl/ldns/commit/?id=c8391790 > * for bug 1257: https://git.nlnetlabs.nl/ldns/commit/?id=3bdeed02 > > Could you please assign CVE(s) for the vulnerabilites? > > Thanks, > Stephan Download attachment "signature.asc" of type "application/pgp-signature" (820 bytes)
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ