Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Fri, 10 Apr 2015 15:58:33 +0200
From: Tomas Hoger <>
To: Joshua Rogers <>
Cc: "" <>
Subject: Re: CVE Request: MySQL Null Pointer Dereference

On Fri, 10 Apr 2015 18:46:47 +1000 Joshua Rogers wrote:

> Could I get a CVE-ID assigned for this bug?:

I believe this kind of issues is not considered security / needing CVE
without further justification.  The problem here only occurs if
malloc(small_value) fails.  Considering how small the value is and that
it's not attacker controlled, it's fairly non-obvious if attacker has
any practical chance of triggering this bug.

Tomas Hoger / Red Hat Product Security

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.