Date: Mon, 4 May 2015 07:35:51 +0200 From: Salvatore Bonaccorso <carnil@...ian.org> To: OSS Security Mailinglist <oss-security@...ts.openwall.com> Cc: CVE Assignments MITRE <cve-assign@...re.org> Subject: CVE request: libarchive: Out of bounds read using malformed cpio archive Hi Could a CVE be assigned for the following issue in libarchive: Advisory by Paris Zoumpouloglou: http://seclists.org/fulldisclosure/2015/Apr/102 Upstream bugreport (including reproducer for the issue): https://github.com/libarchive/libarchive/issues/502 Fixing commit: https://github.com/libarchive/libarchive/commit/e6c9668f3202215ddb71617b41c19b6f05acf008 Additional reference in Red Hat's bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1216891 Regards, Salvatore
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.