Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20171011044549.4p5ochtrxok2nmem@lorien.valinor.li>
Date: Wed, 11 Oct 2017 06:45:49 +0200
From: Salvatore Bonaccorso <carnil@...ian.org>
To: Leon Zhao <leon.zhao.7@...il.com>
Cc: oss-security@...ts.openwall.com
Subject: Re: CVE request: Two DoS vulneribilities in
 libextractor

Hi Leon,

On Wed, Oct 11, 2017 at 11:40:33AM +0800, Leon Zhao wrote:
> Hello oss security,
> 
> I found two DoS vulneribilities in libextractor,
> 
> Affected version
> 1.4
> 
> 1. Divide-By-Zero
> https://bugzilla.redhat.com/show_bug.cgi?id=1499599
> http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00002.html
> Fixed
> 
> 2. Null Pointer Dereference
> https://bugzilla.redhat.com/show_bug.cgi?id=1499600
> http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00003.html
> Fixed

As this states explicitly a 'CVE request' on the subject. Please note
that CVEs cannot be requested anymore via the oss-security list,
instead please fill the form at https://cveform.mitre.org/ 

Once you got CVEs assigned, can you please post those assignment
following up here on your original post to have the other members of
this list informed on the assignment.

Thanks for your contribution!

Regards,
Salvatore

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.