oss-sec mailing list archives
Re: CVE request: BusyBox unpack_Z_stream() buffer underflow
From: Tomas Hoger <thoger () redhat com>
Date: Fri, 19 Aug 2011 14:52:26 +0200
On Fri, 19 Aug 2011 13:36:31 +0200 Alex Legler wrote:
Secunia [1] reported a fix in BusyBox for a flaw similar to CVE-2006-1168:
We had that mentioned here: https://bugzilla.redhat.com/show_bug.cgi?id=727624#c8
Please assign a CVE.
Given that busybox embeds ncompress code, I believe old CVE can / should be used for busybox too. I'm happy to be corrected if I'm wrong. -- Tomas Hoger / Red Hat Security Response Team
Current thread:
- CVE request: BusyBox unpack_Z_stream() buffer underflow Alex Legler (Aug 19)
- Re: CVE request: BusyBox unpack_Z_stream() buffer underflow Tomas Hoger (Aug 19)