oss-sec mailing list archives

CVE Request: Cap'n Proto: Several issues

From: Salvatore Bonaccorso <carnil () debian org>
Date: Mon, 16 Mar 2015 07:25:56 +0100

Hi

Can you assign CVEs for the following issues in Cap'n Proto? Details
and fixing commits are referenced in upstream problem descriptions:

1/ Integer overflow in pointer validation
  - https://github.com/sandstorm-io/capnproto/blob/master/security-advisories/2015-03-02-0-c%2B%2B-integer-overflow.md
  - https://bugs.debian.org/780565

2/ Integer underflow in pointer validation
  - https://github.com/sandstorm-io/capnproto/blob/master/security-advisories/2015-03-02-1-c%2B%2B-integer-underflow.md
  - https://bugs.debian.org/780566

3/ CPU usage amplification attack
  - https://github.com/sandstorm-io/capnproto/blob/master/security-advisories/2015-03-02-2-all-cpu-amplification.md
  - https://bugs.debian.org/780567

4/ CPU usage amplification attack #2
  - 
https://github.com/sandstorm-io/capnproto/blob/master/security-advisories/2015-03-05-0-c%2B%2B-addl-cpu-amplification.md
  - https://bugs.debian.org/780568

Thanks in advance,

Regards,
Salvatore

Current thread:

CVE Request: Cap'n Proto: Several issues Salvatore Bonaccorso (Mar 15)
- Re: CVE Request: Cap'n Proto: Several issues cve-assign (Mar 16)