oss-sec mailing list archives
cgit convert_query_hexchar infinite loop (CVE-2011-1027)
From: Tomas Hoger <thoger () redhat com>
Date: Mon, 7 Mar 2011 09:07:38 +0100
Hi! Jim Meyering discovered an infinite loop flaw in cgit. The issue was fixed upstream in 0.9 and 0.8.3.5. Upstream commit has all the details: http://hjemli.net/git/cgit/commit/?id=fc384b16fb9787380746000d3cea2d53fccc548e -- Tomas Hoger / Red Hat Security Response Team
Current thread:
- cgit convert_query_hexchar infinite loop (CVE-2011-1027) Tomas Hoger (Mar 07)