oss-sec mailing list archives
CVE request: spencer regexp
From: Moritz Muehlenhoff <jmm () debian org>
Date: Mon, 16 Feb 2015 19:19:15 +0100
Hi, please assign a CVE ID for this: http://www.kb.cert.org/vuls/id/695940 https://guidovranken.wordpress.com/2015/02/04/full-disclosure-heap-overflow-in-h-spencers-regex-library-on-32-bit-systems/ This affects multiple source packages including local copies of the code. However, in many cases the code is only used when building for Android or Windows. Current WIP status for source packages in Debian: https://security-tracker.debian.org/tracker/TEMP-0778389-A8C6F9 Cheers, Moritz
Current thread:
- CVE request: spencer regexp Moritz Muehlenhoff (Feb 16)
- Re: CVE request: spencer regexp Siddharth Sharma (Mar 11)
- Re: CVE request: spencer regexp cve-assign (Mar 11)
- Re: Re: CVE request: spencer regexp Siddharth Sharma (Mar 12)
- Re: Re: CVE request: spencer regexp Siddharth Sharma (Mar 12)
- Re: Re: CVE request: spencer regexp Alistair Crooks (Mar 12)
- Re: Re: CVE request: spencer regexp Siddharth Sharma (Mar 12)
- Re: CVE request: spencer regexp cve-assign (Mar 16)