Date: Wed, 01 Feb 2012 18:30:00 +0100 From: Yves-Alexis Perez <corsac@...ian.org> To: oss-security@...ts.openwall.com Subject: Re: Re: CVE Request (two ids) -- Xchat-WDK (prior 1499-4 [2012-01-18]) and Xchat-v2.8.6 on Maemo architecture -- Heap-based buffer overflow by processing UTF-8 line from server containing characters outside BMP On mer., 2012-02-01 at 13:53 +0100, Berke Viktor wrote: > Hello, > > Here are my notes: > > - Apparently only Windows versions are affected, no Linux ones. I > haven't tested Maemo but I'd be suprised if it would crash. > - Not all non-BMP characters crash, only a specific range. See the > patch > you linked for details. It did crash Maemo clients, that's where the report came from. -- Yves-Alexis Download attachment "signature.asc" of type "application/pgp-signature" (837 bytes)
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.