Date: Tue, 15 Mar 2016 18:43:07 +0300 From: Solar Designer <solar@...nwall.com> To: oss-security@...ts.openwall.com Cc: La??l Cellier <lael.cellier@...oste.net> Subject: Re: server and client side remote code execution through a buffer overflow in all git versions before 2.7.1 (unpublished cve-2016-2324 and cve-2016-2315) Thanks for bringing this to oss-security. On Tue, Mar 15, 2016 at 03:55:37PM +0100, La??l Cellier wrote: > Hello, original report describing the overflow is here > http://pastebin.com/UX2P2jjg Going forward, please post the actual content directly to oss-security, not (only) via reference. I've attached the contents of this pastebin to this message, so that it's properly archived. (No idea why you had "cve" obfuscated with Unicode, but I undid that.) Alexander View attachment "cve-2016-2315.c" of type "text/x-c" (1674 bytes)
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.