Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Sat, 8 Oct 2016 10:15:55 -0300
From: Gustavo Grieco <>
Subject: CVE request: invalid memory accesses parsing object files in libgit2


We recently reported two invalid memory accesses in the last revision
of libgit2:

* Read out-of-bounds in git_oid_nfmt:

* DoS using a null pointer derreference in git_commit_message:

The developers are preparing a patch to harden object parsing in libgit2 here:

Please assign one or more CVE if suitable.


Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.