oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: CVE Request -- GMime-2.4.15

From: Josh Bressers <bressers () redhat com>
Date: Wed, 3 Feb 2010 13:16:09 -0500 (EST)

----- "Jan Lieskovsky" <jlieskov () redhat com> wrote:


Hi Josh, Steve, vendors,

   GMime upstream has released latest 2.4.15 [1] version of the
library fixing one security issue. From 2.4.15-changes [2] file:

2010-01-31  Jeffrey Stedfast  <fejj () novell com>

      * gmime/gmime-encodings.h (GMIME_UUENCODE_LEN): Fixed to prevent
      possible buffer overflows.

References:

[1] http://ftp.gnome.org/pub/GNOME/sources/gmime/2.4/
[2]
http://ftp.gnome.org/pub/GNOME/sources/gmime/2.4/gmime-2.4.15.changes
[3]
http://ftp.gnome.org/pub/GNOME/sources/gmime/2.4/gmime-2.4.14-2.4.15.diff.gz
[4] http://secunia.com/advisories/38459/

Could you allocate a CVE id for this?



Please use CVE-2010-0409 for this.

Thanks.

-- 
    JB
Previous By Date Next
Previous By Thread Next

Current thread: