oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Fuzzy CVE's in GNU inetutils

From: Alan Coopersmith <alan.coopersmith () oracle com>
Date: Sun, 16 Jan 2022 15:49:29 -0800
On 1/16/22 00:54, Salvatore Bonaccorso wrote:

Hi,

On Fri, Jan 14, 2022 at 06:56:13PM -0800, Alan Coopersmith wrote:

I noticed a number of new CVE's recently published against GNU inetutils,
which seem to correspond to the results of fuzz testing that were mailed
out in December, as seen on
https://lists.gnu.org/archive/html/bug-inetutils/2021-12/threads.html


In fact all of those were REJECTED again (with a "Further
investigation showed that it was not a security issue" reason).


Thanks, I see they've all been updated since I checked on Friday.

--
        -Alan Coopersmith-                 alan.coopersmith () oracle com
         Oracle Solaris Engineering - https://blogs.oracle.com/solaris
Previous By Date Next
Previous By Thread Next

Current thread: