Date: Thu, 1 Jun 2017 09:23:13 +0200 From: Peter Bex <peter@...e-magic.net> To: Open Source Security <oss-security@...ts.openwall.com> Subject: CVE-2017-9334 CHICKEN Scheme: denial of service due to invalid pointer dereference Hi all, I just received my assignment of CVE-2017-9334 for this issue: An incorrect "pair?" check in the Scheme "length" procedure results in an unsafe pointer dereference in all CHICKEN Scheme versions prior to 4.13, which allows an attacker to cause a denial of service by passing an improper list to an application that calls "length" on it. Original announcement: http://lists.nongnu.org/archive/html/chicken-announce/2017-05/msg00000.html Patch: http://lists.nongnu.org/archive/html/chicken-hackers/2017-05/msg00099.html Cheers, Peter Download attachment "signature.asc" of type "application/pgp-signature" (474 bytes)
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.