Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Fri, 19 Aug 2011 14:52:26 +0200
From: Tomas Hoger <thoger@...hat.com>
To: oss-security@...ts.openwall.com
Subject: Re: CVE request: BusyBox unpack_Z_stream() buffer
 underflow

On Fri, 19 Aug 2011 13:36:31 +0200 Alex Legler wrote:

> Secunia [1] reported a fix in BusyBox for a flaw similar to
> CVE-2006-1168:

We had that mentioned here:
  https://bugzilla.redhat.com/show_bug.cgi?id=727624#c8

> Please assign a CVE.

Given that busybox embeds ncompress code, I believe old CVE can /
should be used for busybox too.  I'm happy to be corrected if I'm wrong.

-- 
Tomas Hoger / Red Hat Security Response Team

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.