Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Tue, 27 Nov 2012 10:23:44 -0700
From: Kurt Seifried <kseifried@...hat.com>
To: oss-security@...ts.openwall.com
CC: Tomas Hoger <thoger@...hat.com>
Subject: Re: CVE request: libproxy issue

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 11/27/2012 03:41 AM, Tomas Hoger wrote:
> On Tue, 27 Nov 2012 11:17:33 +0100 Matthias Weckbecker wrote:
> 
>> there is a format string issue with libproxy:
>> 
>> https://bugzilla.novell.com/show_bug.cgi?id=791086
>> 
>> Version 0.4.10 isn't affected anymore according to Shawn Chang.
> 
> https://code.google.com/p/libproxy/source/detail?r=475 apparently.

Please use CVE-2012-5580 for this issue.

- -- 
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQIcBAEBAgAGBQJQtPcgAAoJEBYNRVNeJnmTtmgP/3/YsQ9VwnDJ5XROWzjgAEbp
C3eoMA/Nvvo+neOGjank57JHcCNnr0/5P10HHAXpkp6sFm8qJSjrp5WgYJSdCwZc
mp4E9ch9DaXc0ozCiNC0dwbzY/p37xFpptYbtCO3EnyYJiQtxA+JrtBJGR8MObp9
VwFKMRZkm7ddaOS7MIkkRrienV8s76sPJkLxQGOPJtSBI3XgVdVBvIJzpTxAGE4W
OiXF2net5rRA+9VRfFjO4wctXE6jX1CWYNQRCDVKsC0dNkp5pJckhtzsEBY2FeoK
4q4qIHJlVmkweg6yb7DszCXrM3eTN5YxDfV/Z02FvIxmrvxOqi7GuRTkklUASkf7
X6x4TceKxXV5ybUunSu57c/KAZnY9laMu0CJkK/sVjY73P7SIRCcWf9DnFQyIqNQ
5LwDgexWth9rRikaHBFb1qjtL6mONgynsusH/0alvVJTZQid11yHFiDW6unZUT7R
WGkpzS+uRcOQZKDSiUp43/IClmtgnZR7Cl5X1G+upIRaq9q6j/EH/Hf7jS/ohOYt
2BaPSq5h1CEzGYBkv9p72DEDKtPygdBC0hdyLOKht4lXuVDVZNl5SQNixvFEHe2V
xA0SLbxEPdslRY+Tnc4oDU/ZE3sDWUqgCkDsqnn6zw+pUU4LpHo+lB9Ic8J+7BmH
zafln24KGsebIrNGM2ns
=fIQB
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.