Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 10 Dec 2014 02:01:08 +1100
From: Joshua Rogers <>
Subject: Re: Re: CVE Request: Graphviz format string vuln

Just for reference, this was found by me, using afl-fuzz.

On 02/12/14 05:04, Steven M. Christey wrote:
> On Sun, 30 Nov 2014, Joshua Rogers wrote:
>> On 25/11/14 16:40, Joshua Rogers wrote:
>>> Hi,
>>> A format string vulnerability has been found in `graphviz'.
>>> The fix commit is here:
>>> Could I get a CVE-ID for this?
> Use CVE-2014-9157.
> - Steve

-- Joshua Rogers <>

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.