oss-sec mailing list archives
Re: Information on file, sqlite, libarchive, pcre issues for CVE IDs assigned by Apple?
From: Hanno Böck <hanno () hboeck de>
Date: Wed, 28 Feb 2018 23:09:51 +0100
On Wed, 28 Feb 2018 21:24:10 +0100 Moritz Muehlenhoff <jmm () debian org> wrote:
Of the IDs mentioned above, only CVE-2017-10989 refers to specific, identifiable information. Does anyone on the list have additional information on any of these bugs; allowing to map them to upstream bug reports/patches?
This only partly answers your question, but the oss-fuzz issues are handled in a public bug tracker (public as in "they become public once they're fixed or a deadline has passed" I believe): https://bugs.chromium.org/p/oss-fuzz/issues/list You'll find issues in sqlite, file and libarchive there, but of course that doesn't give you a mapping to the CVEs assigned. -- Hanno Böck https://hboeck.de/ mail/jabber: hanno () hboeck de GPG: FE73757FA60E4E21B937579FA5880072BBB51E42
Current thread:
- Information on file, sqlite, libarchive, pcre issues for CVE IDs assigned by Apple? Moritz Muehlenhoff (Feb 28)
- Re: Information on file, sqlite, libarchive, pcre issues for CVE IDs assigned by Apple? Hanno Böck (Feb 28)