oss-sec mailing list archives
Re: libproxy PAC downloading buffer overflows
From: Kurt Seifried <kseifried () redhat com>
Date: Fri, 12 Oct 2012 07:46:47 -0600
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 10/12/2012 02:43 AM, Tomas Hoger wrote:
Hi! libproxy 0.4.9 fixes a buffer overflow reported by Tomas Mraz: http://code.google.com/p/libproxy/source/detail?r=853 https://groups.google.com/forum/?fromgroups=#!topic/libproxy/VxZ8No7mT0E
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-4504
Upstream announcement also mentions another issue - CVE-2012-4505. It is related, but different problem that was found in pre-0.4 versions while investigating if they were affected by CVE-2012-4504. https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-4505
Please use CVE-2012-4521 for this issue. - -- Kurt Seifried Red Hat Security Response Team (SRT) PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://www.enigmail.net/ iQIcBAEBAgAGBQJQeB9HAAoJEBYNRVNeJnmTXlwP/3NMEppbXkbdYPGNS4Rj3lX8 flnu+WxGy3kC0VDlzTXlmNtssy4/XoKxi4lKAcq97XOeLcZA9GeYTQPJI3DY4406 7CZEtZXM+n2wRbP1u0H+8s3wpzkfddTV7Oc9MvnwVdfr2qll5Q8Jj7offMat1TF1 nuf36c/jFG/7Dc7DES1OdEgE57JzWdGWwLmirMOwwrWMrdawa/i4lDIqOp+yTG5/ jaLrs2AkW7UJi92QvnBJbHfINcwHRv+KpYJVjaCbo7s8fqw11+kZkm1tR0T3RnLo gpU6ISjYiFM1JhHGKdVBIWJCDAEQ+vzeOK5kJ8mkOf8kPInk8dAMI2gCSg4PPG/c Nh8h7KV9+HNFhpomH5+WjTESHs8KVYIYYH3DbXb172rnSmlqI1FpqNRo45k+yjPx D2XAiYdlHYTugqght8wM8OEO4AKqwzCAFAptE8Ak+0BQIPO+sQMvYxWNxGej+RwZ 1ADyQzo3eIABhxTLq718gTW7TkB8ZtUbUgC0RPT0te+86iMtDiFYLRgU9yLCtQTI l7yBt6jaLM6efauO0utSqLOKuBOHa2X6/slRer7dVCoMQdcgo9iF+YOiTDuI0KjB W0/8HMJtZn2n7cHzemxMDjopnnJzq+hQ1psFrNKbzCG1d6kc+j7lCb5R3nxwpVdX CRerMxVX7boJjOYJT8Jm =3BoN -----END PGP SIGNATURE-----
Current thread:
- libproxy PAC downloading buffer overflows Tomas Hoger (Oct 12)
- Re: libproxy PAC downloading buffer overflows Kurt Seifried (Oct 12)
- Re: libproxy PAC downloading buffer overflows Matthias Weckbecker (Oct 12)
- Re: libproxy PAC downloading buffer overflows Kurt Seifried (Oct 12)
- Re: libproxy PAC downloading buffer overflows Matthias Weckbecker (Oct 12)
- Re: libproxy PAC downloading buffer overflows Tomas Hoger (Oct 16)
- Re: libproxy PAC downloading buffer overflows Kurt Seifried (Oct 12)