oss-sec mailing list archives
CVE request: atheme: security fixes
From: Max Teufel <max () teufelsnetz com>
Date: Mon, 2 May 2016 19:14:58 +0200
Hi, Multiple security issues were found in Atheme, an IRC services package, which will be fixed in the upcoming 7.2.7 release. Could CVEs be assigned to the issues summarized below? Fix: https://github.com/atheme/atheme/commit/c597156adc60a45b5f827793cd420945f47bc03b Description: A remote attacker could change Atheme's behavior by registering/dropping certain accounts/nicks. Reference: https://github.com/atheme/atheme/issues/397 Fix: https://github.com/atheme/atheme/commit/87580d767868360d2fed503980129504da84b63e Description: Under certain circumstances, a remote attacker could cause denial of service due to a buffer overflow in the XMLRPC response encoding code. Regards, Max Teufel
Current thread:
- CVE request: atheme: security fixes Max Teufel (May 02)
- Re: CVE request: atheme: security fixes cve-assign (May 02)
- Re: CVE request: atheme: security fixes Max Teufel (May 03)
- Re: CVE request: atheme: security fixes cve-assign (May 02)