Date: Tue, 25 Feb 2014 00:56:42 +0200 From: Henri Salo <henri@...v.fi> To: oss-security@...ts.openwall.com Subject: CVE request: hexchat buffer overflow Can I get 2013 CVE for buffer overflow issue in hexchat, thanks. Bug report: https://github.com/hexchat/hexchat/issues/463 Fixed in commit: https://github.com/hexchat/hexchat/commit/8996baa35ee12556a7bf402e3568193dbafec5f1 Exploit: http://packetstorm.igor.onlinedirect.bg/1304-exploits/hexchat-overflow.txt More information: http://osvdb.org/92115 hexchat was recently accepted to Debian unstable: http://packages.qa.debian.org/h/hexchat.html I haven't verified this vulnerability or exploit. --- Henri Salo Download attachment "signature.asc" of type "application/pgp-signature" (199 bytes)
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.