oss-sec mailing list archives
CVE id request: cbrpager
From: Tomas Hoger <thoger () redhat com>
Date: Sun, 25 May 2008 15:25:31 +0200
Hi all! Mamoru Tasaka, cbrpager package maintainer in Fedora, discovered, that cbrpager is affected by command execution flaw via malicious file names in a similar way as comix was affected (as discussed on this list previously - http://www.openwall.com/lists/oss-security/2008/03/31/1 ). Mamoru's patch was accepted in the new upstream version - 0.9.17. Further details and links in: https://bugzilla.redhat.com/show_bug.cgi?id=448285 -- Tomas Hoger / Red Hat Security Response Team
Current thread:
- CVE id request: cbrpager Tomas Hoger (May 25)
- Re: CVE id request: cbrpager Robert Buchholz (May 26)