Re: CVE Request: FlightGear and Simgear Multiple vulnerabilities

[Kurt Seifried <kseifried () redhat com>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 04/10/2012 09:23 AM, Andres Gomez wrote:
> Hi,
>
> could I please get CVEs assigned to the following issues?:
>
> Multiple format string vulnerabilities have been found in
> flightgear and simgear (version <= 2.6) as described in the mail
> thread:
>
> http://sourceforge.net/mailarchive/message.php?msg_id=28957051

Please use CVE-2012-2090 for these issues.

> Also multiple buffer overflow vulnerabilities were found in the
> same software as described in:
>
> http://sourceforge.net/mailarchive/message.php?msg_id=29011989

Please use CVE-2012-2091 for these issues.

> They are still unpatched but developers have not demostrated any
> interest on fixing these issues.
>
> Thanks,
>
> Andres Gomez




- -- 
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQIcBAEBAgAGBQJPhIj7AAoJEBYNRVNeJnmTtSkQAJ7CxrY7/5HRS4xN25lDNH4J
V3UAmjIt8c29Ujg6REWiUCdk0qYm7TMgpnS9LpCEXXIX/yA4sBXRTI7yJpEZxdKN
xwgxuXPIvmEZkLT+112rMWsCn/wmJ0uQH/lSU3rb/vi7YGr0Jx11QcoR4UmdWbNs
W7OTwuTbUDTI6ZK8OozyjtZDmz9K8HjFKhFAcGteNFyXv0xdmb7Vq3108mcuk9SC
V56Nz0Q07QzUlPxN4IgQ/V1bpP1fx13bKOzFQGFjCmlprffPzUzTgYJkwX1G75Bn
W1UrjUyWa2T40LiTOyquFaHnzOXrz6oJ+i3ulL0WNEJ/TxMSdAWSXA9ZvMK6ddQd
jAN487we1sAmbXX3ZJuWQ1X//2uKMnGoV4P971w6omShWR+AyjXpdpCvyiRmayL2
T317mzqpXXfsHRasyFRu/E2vf5ulkCcR6lmeJxk33vJ1D3NqIAyk3SUgPxETE86T
JmpxgmY5o0CsW7FXUUwraT4sL60AeBo4SqKZnfyTNtrrQce+KD8TEMy+Lq3n1IW8
Mxe/EVoXwmx01aRyTo8dTPlK0CJoClVx28CzzisNPHCTPJTeRfylVDFxRWUyhbAJ
8ES+pWasU4OKYVBZWvlM5IRNxpsCbTQ1XOM1ElQKeNoDlutFNHFbexVlB8ZHv+Ue
niS4tZwHZ4Kv5zg+Mpgu
=FZ9c
-----END PGP SIGNATURE-----