Date: Wed, 28 Feb 2018 23:09:51 +0100 From: Hanno Böck <hanno@...eck.de> To: oss-security@...ts.openwall.com Subject: Re: Information on file, sqlite, libarchive, pcre issues for CVE IDs assigned by Apple? On Wed, 28 Feb 2018 21:24:10 +0100 Moritz Muehlenhoff <jmm@...ian.org> wrote: > Of the IDs mentioned above, only CVE-2017-10989 refers to specific, > identifiable information. Does anyone on the list have additional > information on any of these bugs; allowing to map them to upstream > bug reports/patches? This only partly answers your question, but the oss-fuzz issues are handled in a public bug tracker (public as in "they become public once they're fixed or a deadline has passed" I believe): https://bugs.chromium.org/p/oss-fuzz/issues/list You'll find issues in sqlite, file and libarchive there, but of course that doesn't give you a mapping to the CVEs assigned. -- Hanno Böck https://hboeck.de/ mail/jabber: hanno@...eck.de GPG: FE73757FA60E4E21B937579FA5880072BBB51E42
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.