Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Thu, 12 Oct 2017 19:23:10 +0200
From: Salvatore Bonaccorso <carnil@...ian.org>
To: Leon Zhao <leon.zhao.7@...il.com>
Cc: oss-security@...ts.openwall.com
Subject: Re: CVE request: Two DoS vulneribilities in
 libextractor

Hi

On Wed, Oct 11, 2017 at 11:40:33AM +0800, Leon Zhao wrote:
> Hello oss security,
> 
> I found two DoS vulneribilities in libextractor,
> 
> Affected version
> 1.4
> 
> 1. Divide-By-Zero
> https://bugzilla.redhat.com/show_bug.cgi?id=1499599
> http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00002.html
> Fixed

This was assigned CVE-2017-15266.

> 2. Null Pointer Dereference
> https://bugzilla.redhat.com/show_bug.cgi?id=1499600
> http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00003.html
> Fixed

This was assigned CVE-2017-15267.

Regards,
Salvatore

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ