oss-sec mailing list archives
Re: CVE Request -- claws-mail -- NULL pointer derefence while processing email content.
From: Kurt Seifried <kseifried () redhat com>
Date: Tue, 09 Oct 2012 22:53:41 -0600
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 10/09/2012 01:29 PM, Jérôme Benoit wrote:
Hello, A NULL pointer dereference flaw was found in the format agnostic email content processing code in claws-mail, an email client (or MUA) based on GTK+. References: [1] https://bugzilla.redhat.com/show_bug.cgi?id=862578 [2] http://www.thewildbeast.co.uk/claws-mail/bugzilla/show_bug.cgi?id=2743 Could you allocate a CVE id for this? Cheers.
Just a note, patch is: www.thewildbeast.co.uk/claws-mail/bugzilla/attachment.cgi?id=1165 Please use CVE-2012-4507 for this issue. - -- Kurt Seifried Red Hat Security Response Team (SRT) PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://www.enigmail.net/ iQIcBAEBAgAGBQJQdP9VAAoJEBYNRVNeJnmTj8IP/0ibXnI3rSBGq0IIpVAgfMiA S54ntRAACeZzehmKtNqfPY/EJX6kbJvXso8PT6Df8NrmbK8ROrehNex0lz0Z3mHk Hc882RFoPY31ovJV+2aIt8pMTfkC1ywTQ02w1HbREyl74sP/fA4WGu5cOi8QAJZv fLbfVgMax3MyocWwCq09aTrRrM0dxCqSZE/dGWAJslo4T+4m9B9W4hTsUuz+aZpV 2OD4LtHq+xVg8PguLPwtBztni0Lh4KWYB5yIJ5FiGCKC5i/B1NRW232h7x1bnVSR dY+9oj/3KmWhOdWrrPAq33qhbj/ZEa7YdoSeGMVQoEH4FRFiv45Tl3YWFhM4K2fF E0V+yw8MbGdTse4R48RUqr9/9QZ4tgqGzPZgz84uHUVHmi37NouY7QybgKUZU0yF 3d8EMEtzpM5/jeVh4FNZ8zoGRlgebaeWgdZUSl6ZTr53pwvlpFJouhqytuNjblS8 MSFT5Zp7JLu65wp35vVkuS0brMYlCXcQl9+toL9OoI87xmiFwteaxLP6tzTHsMkS 749499CkFnv78WofLfCuwNbf32nnaFmPp6hEteQZ62+tKProH7wHQdSOv4omhjFa Grxu8zbEWv+ALS2C+HaZJOktLWx4/hCL6josUWt9zfl+U94frZxYNmQDHk+q83ls U/iHLmy7Iu1dm0SHWrIZ =HeLF -----END PGP SIGNATURE-----
Current thread:
- CVE Request -- claws-mail -- NULL pointer derefence while processing email content. Jérôme Benoit (Oct 09)
- Re: CVE Request -- claws-mail -- NULL pointer derefence while processing email content. Kurt Seifried (Oct 09)