|
Message-ID: <7719b136.37c1cef6@fabiankeil.de>
Date: Thu, 4 Dec 2014 16:41:31 +0100
From: Fabian Keil <freebsd-listen@...iankeil.de>
To: oss-security@...ts.openwall.com
Subject: Re: Buffer overflow in antiword 0.37
Fabian Keil <freebsd-listen@...iankeil.de> wrote:
> The attached patch prevents a buffer overflow in antiword 0.37
> (http://www.winfield.demon.nl/):
[...]
> The buffer overflow has been reported upstream and the patch was accepted,
> but apparently there will not be an official antiword release any time soon.
>
> The bug was found with afl-fuzz.
Apparently zzuf found it first, though:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=771768
Fabian
Content of type "application/pgp-signature" skipped
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.