oss-sec mailing list archives

CVE request: jhead

From: Jamie Strandboge <jamie () canonical com>
Date: Wed, 15 Oct 2008 11:55:42 -0500

Hi,

Marc Merlin and John Dong discovered several vulnerabilities in jhead.
Upstream was contacted, who later released jhead 2.84 [1]. Initial
report can be seen in Ubuntu's bug tracker [2].

CC'ing John, as he is who found the majority of the issues and
coordinated with upstream.

Jamie

[1] http://www.sentex.net/~mwandel/jhead/changes.txt
[2] https://bugs.launchpad.net/ubuntu/+source/jhead/+bug/271020

-- 
Ubuntu Security Engineer     | http://www.ubuntu.com/
Canonical Ltd.               | http://www.canonical.com/

Attachment: signature.asc
Description: Digital signature

Current thread:

CVE request: jhead Jamie Strandboge (Oct 15)
- Re: CVE request: jhead Steven M. Christey (Oct 15)
  - Re: CVE request: jhead John Dong (Oct 16)
    - Re: CVE request: jhead Steven M. Christey (Oct 22)
    - Re: CVE request: jhead Robert Buchholz (Nov 26)
- Re: CVE request: jhead Steven M. Christey (Oct 15)