Date: Fri, 26 Sep 2008 23:26:02 +1000 From: Steffen Joeris <steffen.joeris@...lelinux.de> To: oss-security@...ts.openwall.com Subject: Re: CVE id request: faad2 On Fri, 26 Sep 2008 10:49:55 pm Josh Bressers wrote: > ----- "Steffen Joeris" <steffen.joeris@...lelinux.de> wrote: > > Hi > > > > There is a heap overflow in faad2. > > Upstream announcement: > > http://www.audiocoding.com/ > > > > Gentoo Bugreport: > > http://bugs.gentoo.org/show_bug.cgi?id=238445 > > > > Debian Bugreport: > > http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=499899 > > > > Upstream patch: > > http://www.audiocoding.com/patch/main_overflow.diff > > > > Could I please get a CVE id for this? > > This has already been assigned CVE-2008-4201 > http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4201 > > It's not live on the MITRE site yet though. Grrr damn typo and I had a personal note that a CVE id was requested, just didn't find it in my inbox when searching for faud2 :/ Thanks for pointing it out and sorry for the noise. Cheers Steffen Download attachment "signature.asc " of type "application/pgp-signature" (198 bytes)
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.