Date: Wed, 11 Oct 2017 06:45:49 +0200 From: Salvatore Bonaccorso <carnil@...ian.org> To: Leon Zhao <leon.zhao.7@...il.com> Cc: oss-security@...ts.openwall.com Subject: Re: CVE request: Two DoS vulneribilities in libextractor Hi Leon, On Wed, Oct 11, 2017 at 11:40:33AM +0800, Leon Zhao wrote: > Hello oss security, > > I found two DoS vulneribilities in libextractor, > > Affected version > 1.4 > > 1. Divide-By-Zero > https://bugzilla.redhat.com/show_bug.cgi?id=1499599 > http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00002.html > Fixed > > 2. Null Pointer Dereference > https://bugzilla.redhat.com/show_bug.cgi?id=1499600 > http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00003.html > Fixed As this states explicitly a 'CVE request' on the subject. Please note that CVEs cannot be requested anymore via the oss-security list, instead please fill the form at https://cveform.mitre.org/ Once you got CVEs assigned, can you please post those assignment following up here on your original post to have the other members of this list informed on the assignment. Thanks for your contribution! Regards, Salvatore
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.