Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Tue, 5 Feb 2013 08:12:51 +0100
From: Ignatios Souvatzis <>
Subject: Re: CVE id request: latd

On Sun, Feb 03, 2013 at 09:11:13PM -0700, Kurt Seifried wrote:
> On 02/03/2013 04:48 AM, Nico Golde wrote:
> > Hey, latd suffers of a buffer overflow when processing the version
> > header and generating an error message.
> > 
> >
> > 
> > Can we get a CVE id for this?
> > 
> > Cheers Nico
> Please use CVE-2013-0251 for this issue.

All versions from 1.25 to 1.30 contain the bug. I've inspected the 
code to find out whether the pkgsrc package version has it and to
write a proper pkg-vulnerabilities database entry.


Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.