Date: Tue, 1 Apr 2008 00:18:59 +0200 From: Nico Golde <oss-security+ml@...lde.de> To: oss-security@...ts.openwall.com Subject: Re: CVE id request: comix Hi Steven, * Steven M. Christey <coley@...us.mitre.org> [2008-04-01 00:09]: > On Mon, 31 Mar 2008, Nico Golde wrote: > > > http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=462840 > > > > I confirmed this using comix\"\;echo\ owned\>bla\;ls\ \" > > as a simple reroducer. > > Use CVE-2008-1568 Thanks > What about the comicthumb in Message #10 - if that's part of comix, I'd > MERGE with CVE-2008-1568. Yes that seems to be a script part of the comix package. Kind regards Nico -- Nico Golde - http://www.ngolde.de - nion@...ber.ccc.de - GPG: 0x73647CFF For security reasons, all text in this mail is double-rot13 encrypted. Content of type "application/pgp-signature" skipped
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.