Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date: Tue, 10 Sep 2013 03:24:41 +0430
From: Hamid Zamani <me@...idx9.ir>
To: oss-security@...ts.openwall.com
Subject: Re: CVE Request : NAS v1.9.3 multiple Vulnerabilites

On 09/10/2013 01:18 AM, Florian Weimer wrote:
> * Kurt Seifried:
> 
>> Format String please use CVE-2013-4258
> 
> This was actually fixed in r285, before the report:
> 
> http://sourceforge.net/mailarchive/forum.php?thread_name=E1Rp1rP-00038Z-VJ%40sfp-svn-6.v30.ch3.sourceforge.com&forum_name=nas-commits
> 
> In case someone else is wondering why there hasn't been a recent
> commit fixing a format string issue. :-)
> 
> 

That's right , but as i checked it had been fixed on upstream but
packages on distros like Debian, Ubuntu and ... not. So i just reported
that in order to update packages.

Of course i had to mentioned that as it discussed at radscan mail list.

Thanks

-- 
Regards,
Hamid Zamani (aka HAMIDx9)
Ashiyane Digital Security Team

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.