Date: Sun, 25 May 2008 15:25:31 +0200 From: Tomas Hoger <thoger@...hat.com> To: oss-security@...ts.openwall.com Cc: Mamoru Tasaka <mtasaka@....s.u-tokyo.ac.jp>, coley@...re.org Subject: CVE id request: cbrpager Hi all! Mamoru Tasaka, cbrpager package maintainer in Fedora, discovered, that cbrpager is affected by command execution flaw via malicious file names in a similar way as comix was affected (as discussed on this list previously - http://www.openwall.com/lists/oss-security/2008/03/31/1 ). Mamoru's patch was accepted in the new upstream version - 0.9.17. Further details and links in: https://bugzilla.redhat.com/show_bug.cgi?id=448285 -- Tomas Hoger / Red Hat Security Response Team
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.