Date: Fri, 12 Oct 2012 10:43:06 +0200 From: Tomas Hoger <thoger@...hat.com> To: oss-security@...ts.openwall.com Subject: libproxy PAC downloading buffer overflows Hi! libproxy 0.4.9 fixes a buffer overflow reported by Tomas Mraz: http://code.google.com/p/libproxy/source/detail?r=853 https://groups.google.com/forum/?fromgroups=#!topic/libproxy/VxZ8No7mT0E https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-4504 Upstream announcement also mentions another issue - CVE-2012-4505. It is related, but different problem that was found in pre-0.4 versions while investigating if they were affected by CVE-2012-4504. https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-4505 -- Tomas Hoger / Red Hat Security Response Team
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.