Date: Thu, 4 Sep 2008 12:44:44 -0400 (EDT) From: "Steven M. Christey" <coley@...us.mitre.org> To: oss-security@...ts.openwall.com Subject: Re: request for CVE: clamav 0.94 release On Wed, 3 Sep 2008, Marcus Meissner wrote: > The full changelog has those apparent security related entries: > * fix out-of-memory null dereferenc (bb#1141) Use CVE-2008-3912, to be filled in later. I have mixed opinions on out-of-memory null dereferences, though in security software it seems reasonable to flag it. > * fix possible invalid memory access (bb#1089) CVE-2008-1389 as mentioned by Hanno. > * fix error path memleaks and fd leaks (bb#1141) Use CVE-2008-3913 for the memory leak. Use CVE-2008-3914 for the fd leak. - Steve
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.