Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Thu, 4 Sep 2008 12:44:44 -0400 (EDT)
From: "Steven M. Christey" <coley@...us.mitre.org>
To: oss-security@...ts.openwall.com
Subject: Re: request for CVE: clamav 0.94 release


On Wed, 3 Sep 2008, Marcus Meissner wrote:

> The full changelog has those apparent security related entries:
>  * fix out-of-memory null dereferenc (bb#1141)

Use CVE-2008-3912, to be filled in later.  I have mixed opinions on
out-of-memory null dereferences, though in security software it seems
reasonable to flag it.

>  * fix possible invalid memory access (bb#1089)

CVE-2008-1389 as mentioned by Hanno.

>  * fix error path memleaks and fd leaks (bb#1141)

Use CVE-2008-3913 for the memory leak.

Use CVE-2008-3914 for the fd leak.

- Steve

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.