Date: Fri, 19 Aug 2011 14:52:26 +0200 From: Tomas Hoger <thoger@...hat.com> To: oss-security@...ts.openwall.com Subject: Re: CVE request: BusyBox unpack_Z_stream() buffer underflow On Fri, 19 Aug 2011 13:36:31 +0200 Alex Legler wrote: > Secunia  reported a fix in BusyBox for a flaw similar to > CVE-2006-1168: We had that mentioned here: https://bugzilla.redhat.com/show_bug.cgi?id=727624#c8 > Please assign a CVE. Given that busybox embeds ncompress code, I believe old CVE can / should be used for busybox too. I'm happy to be corrected if I'm wrong. -- Tomas Hoger / Red Hat Security Response Team
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.