oss-sec mailing list archives
Re: CVE request: dir traversal in elfutils
From: Vasyl Kaigorodov <vkaigoro () redhat com>
Date: Tue, 6 Jan 2015 10:39:33 +0100
Hello everyone,
Initial (terse) report: https://lists.fedorahosted.org/pipermail/elfutils-devel/2014-December/004499.html Fix (with analysis in commit message): https://git.fedorahosted.org/cgit/elfutils.git/commit/?id=147018e729e7c22eeabf15b82d26e4bf68a0d18eUse CVE-2014-9486.
Something is not quite correct here, wasn't CVE-2014-9447 assigned to this already? http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9447 Thanks. -- Vasyl Kaigorodov | Red Hat Product Security PGP: 0xABB6E828 A7E0 87FF 5AB5 48EB 47D0 2868 217B F9FC ABB6 E828 On Sat, 03 Jan 2015, cve-assign () mitre org wrote:
On Mon, 29 Dec 2014, Alexander Cherepanov wrote:Hi! A dir traversal vuln is fixed in elfutils: Initial (terse) report: https://lists.fedorahosted.org/pipermail/elfutils-devel/2014-December/004499.html Fix (with analysis in commit message): https://git.fedorahosted.org/cgit/elfutils.git/commit/?id=147018e729e7c22eeabf15b82d26e4bf68a0d18e At least versions 0.152 and 0.161 are affected. Could CVE please be assigned?Use CVE-2014-9486. --- CVE assignment team, MITRE CVE Numbering Authority M/S M300 202 Burlington Road, Bedford, MA 01730 USA [ PGP key available through http://cve.mitre.org/cve/request_id.html ]
Attachment:
_bin
Description:
Current thread:
- Re: CVE request: dir traversal in elfutils cve-assign (Jan 03)
- Re: CVE request: dir traversal in elfutils Vasyl Kaigorodov (Jan 06)