oss-sec mailing list archives
Re: CVE id request: latd
From: Ignatios Souvatzis <is () netbsd org>
Date: Tue, 5 Feb 2013 08:12:51 +0100
On Sun, Feb 03, 2013 at 09:11:13PM -0700, Kurt Seifried wrote:
On 02/03/2013 04:48 AM, Nico Golde wrote:Hey, latd suffers of a buffer overflow when processing the version header and generating an error message. http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=699625 Can we get a CVE id for this? Cheers NicoPlease use CVE-2013-0251 for this issue.
All versions from 1.25 to 1.30 contain the bug. I've inspected the code to find out whether the pkgsrc package version has it and to write a proper pkg-vulnerabilities database entry. Regards, -is
Current thread:
- CVE id request: latd Nico Golde (Feb 03)
- Re: CVE id request: latd Kurt Seifried (Feb 03)
- Re: CVE id request: latd Ignatios Souvatzis (Feb 04)
- Re: CVE id request: latd Kurt Seifried (Feb 03)