oss-sec mailing list archives

CVE request: billion laughs flaw in ptlib

From: Vincent Danen <vdanen () redhat com>
Date: Fri, 15 Mar 2013 10:42:38 -0600

Ekiga 4.0.1 was released and noted a security fix in ptlib (seems to be
embedded in Ekiga) for a "billion laughs" style attack.  Could a CVE be
assigned to this?

Thanks.

References:
http://www.ekiga.org/news/2013-02-21/ekiga-4.0.1-stable-available
http://opalvoip.svn.sourceforge.net/viewvc/opalvoip?view=revision&revision=28856
https://bugzilla.redhat.com/show_bug.cgi?id=922177

--

Vincent Danen / Red Hat Security Response Team

Current thread:

CVE request: billion laughs flaw in ptlib Vincent Danen (Mar 15)
- Re: CVE request: billion laughs flaw in ptlib Kurt Seifried (Mar 15)