[Secure-testing-team] Bug#815965: cpio: reads out-of-bounds with cpio 2.11

Salvatore Bonaccorso carnil at debian.org
Fri Feb 26 06:33:24 UTC 2016

Previous message: [Secure-testing-team] Bug#815923: [drupal7] SA-CORE-2016-001 for drupal6 & drupal7
Next message: [Secure-testing-team] Bug#815979: dotclear: New minor releases with security fixes
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Source: cpio
Version: 2.11-4
Severity: important
Tags: security upstream

Hi!

See http://seclists.org/oss-sec/2016/q1/440 for reproducers (isses can
be uncovered if compiled with ASAN). There is no CVE assigned yet for
those, and as well I think no patch from upstream.

Regards,
Salvatore

Previous message: [Secure-testing-team] Bug#815923: [drupal7] SA-CORE-2016-001 for drupal6 & drupal7
Next message: [Secure-testing-team] Bug#815979: dotclear: New minor releases with security fixes
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Secure-testing-team mailing list