Date: Wed, 31 May 2017 13:16:15 +0200 From: Hanno Böck <hanno@...eck.de> To: oss-security@...ts.openwall.com Subject: Re: I found Crash in tcpdump and radare2. Hi, On Wed, 31 May 2017 06:39:12 -0400 Qhdwns123 <qhdwns123@...tonmail.com> wrote: > I found Crash in tcpdump and radare2. > > It points to the heap overflow as the result of analysis by ASAN. > > What steps should I take to report this issue? Please report the issues first to their respective developers and provide the crashing files to them. tcpdump has a contact address for security issues: http://www.tcpdump.org/#security I think radare2 has no specific security reporting process, you can report it through their github tracker: https://github.com/radare/radare2/issues When the bugs are fixed you can post details to this list. -- Hanno Böck https://hboeck.de/ mail/jabber: hanno@...eck.de GPG: FE73757FA60E4E21B937579FA5880072BBB51E42
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ