oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: request CVE for weborf

From: Josh Bressers <bressers () redhat com>
Date: Mon, 31 Jan 2011 16:17:52 -0500 (EST)
Please use CVE-2011-0529.

Thanks.

-- 
    JB

----- Original Message -----

Greetings,

i am requesting a CVE for weborf
http://galileo.dmi.unict.it/wiki/weborf/

weborf 0.12.5 fixes a DoS occurring with malformed fields in HTTP
request.

Diff from previous version 0.12.4:

$ diff 0.12.4/utils.c 0.12.5/utils.c
270a271,272

    val += param_len + 2; //Moves the begin of the string to exclude
    the

name of the field



276d277
< val += param_len + 2; //Moves the begin of the string to exclude the
name of the field

Regards
--
Salvo Tomaselli
Previous By Date Next
Previous By Thread Next

Current thread: