Date: Wed, 10 Dec 2014 02:01:08 +1100 From: Joshua Rogers <oss@...ernot.info> To: oss-security@...ts.openwall.com Subject: Re: Re: CVE Request: Graphviz format string vuln Just for reference, this was found by me, using afl-fuzz. Thanks, On 02/12/14 05:04, Steven M. Christey wrote: > > On Sun, 30 Nov 2014, Joshua Rogers wrote: > >> On 25/11/14 16:40, Joshua Rogers wrote: >>> Hi, >>> >>> A format string vulnerability has been found in `graphviz'. >>> The fix commit is here: >>> https://github.com/ellson/graphviz/commit/99eda421f7ddc27b14e4ac1d2126e5fe41719081 >>> >>> >>> Could I get a CVE-ID for this? > > Use CVE-2014-9157. > > - Steve > -- -- Joshua Rogers <https://internot.info/>
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.