Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Wed, 28 Feb 2018 23:09:51 +0100
From: Hanno Böck <>
Subject: Re: Information on file, sqlite, libarchive, pcre
 issues for CVE IDs assigned by Apple?

On Wed, 28 Feb 2018 21:24:10 +0100
Moritz Muehlenhoff <> wrote:

> Of the IDs mentioned above, only CVE-2017-10989 refers to specific,
> identifiable information. Does anyone on the list have additional
> information on any of these bugs; allowing to map them to upstream
> bug reports/patches?

This only partly answers your question, but the oss-fuzz issues are
handled in a public bug tracker (public as in "they become public once
they're fixed or a deadline has passed" I believe):

You'll find issues in sqlite, file and libarchive there, but of course
that doesn't give you a mapping to the CVEs assigned.

Hanno Böck

GPG: FE73757FA60E4E21B937579FA5880072BBB51E42

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ