Date: Tue, 10 Sep 2013 03:24:41 +0430 From: Hamid Zamani <me@...idx9.ir> To: oss-security@...ts.openwall.com Subject: Re: CVE Request : NAS v1.9.3 multiple Vulnerabilites On 09/10/2013 01:18 AM, Florian Weimer wrote: > * Kurt Seifried: > >> Format String please use CVE-2013-4258 > > This was actually fixed in r285, before the report: > > http://sourceforge.net/mailarchive/forum.php?thread_name=E1Rp1rP-00038Z-VJ%40sfp-svn-6.v30.ch3.sourceforge.com&forum_name=nas-commits > > In case someone else is wondering why there hasn't been a recent > commit fixing a format string issue. :-) > > That's right , but as i checked it had been fixed on upstream but packages on distros like Debian, Ubuntu and ... not. So i just reported that in order to update packages. Of course i had to mentioned that as it discussed at radscan mail list. Thanks -- Regards, Hamid Zamani (aka HAMIDx9) Ashiyane Digital Security Team
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.