Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Tue, 31 Jan 2017 15:09:58 +0100 (CET)
From:  <>
To:  <>
Subject: CVE request: multiples vulnerabilities in libplist

Fixed in libplist, a library to handle Apple Property List format in binary or XML. Debian and Ubuntu are using vulnerable versions.
Public issues:heap-buffer-overflow in parse_dict_node
memory allocation error

heap-buffer-overflow CVE-2017-5545 used in

issue in plist_free_data plist.c:185

Regards, Nikola
Nikola s.c

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.