Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Fri, 1 May 2009 17:24:36 -0600
From: Vincent Danen <vdanen@...hat.com>
To: oss-security@...ts.openwall.com
Cc: "Steven M. Christey" <coley@...us.mitre.org>
Subject: CVE request: file security issue

A debian bug report indicates a vulnerability in file 5.x (4.x is not
affected) due to a boundary error within cdf_read_sat().

References:

http://secunia.com/advisories/34881/
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=525820
https://bugzilla.redhat.com/show_bug.cgi?id=497913

Steve, could we get a CVE name assigned to this issue please?  Thanks.

-- 
Vincent Danen / Red Hat Security Response Team 

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.