oss-sec mailing list archives
CVE request - buffer overflow in xdelta3 before 3.0.9
From: Stepan Golosunov <stepan () golosunov pp ru>
Date: Mon, 8 Feb 2016 11:19:14 +0400
Hi, Buffer overflow was found and fixed in xdelta3 binary diff tool that allows arbitrary code execution from input files at least on some systems. 08.02.2016 в 06:57:12 +0100 Salvatore Bonaccorso написал:
On Sun, Feb 07, 2016 at 07:05:12PM +0400, Stepan Golosunov wrote:This appears to be fixed in xdelta3 3.0.9 and later via https://github.com/jmacd/xdelta-devel/commit/ef93ff74203e030073b898c05e8b4860b5d09ef2Can you request a CVE as well on the oss-security mailinglist or from MITRE directly? (You can keep us in the loop).
Doing so.
Current thread:
- CVE request - buffer overflow in xdelta3 before 3.0.9 Stepan Golosunov (Feb 08)
- Re: CVE request - buffer overflow in xdelta3 before 3.0.9 cve-assign (Feb 08)