oss-sec mailing list archives
Re: CVE Request: programming error in crypt(3)
From: Kurt Seifried <kseifried () redhat com>
Date: Thu, 26 Apr 2012 18:01:03 -0600
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 04/26/2012 03:36 PM, Xin Li wrote:
Hi, I'd like to request a CVE number for a programming error in FreeBSD's crypt(3) implementation, which prevents it from generating a right hash from input in certain circumstances. We will publish the details in an upcoming advisory. Thanks in advance! Cheers,
If you want a CVE # with no info I'm going to have to decline as I can't verify anything and have no idea if it's a duplicate/etc (did FreeBSD assign one already perhaps?). Can you share the info with security () freebsd org and then have them request it (at least then I know it's legitimate) which might work. - -- Kurt Seifried Red Hat Security Response Team (SRT) PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQIcBAEBAgAGBQJPmeG/AAoJEBYNRVNeJnmTAIAP/2YPAUA99Xhykj197dmJaNar wkPE/gdcgmKLhgAYIxZkuEVRkI8c2M0zlh4XLVSQeXFfJmDJwLwXt83X/ozRxzB0 +YiyMh1zOg84m6zIeLlykvLC+0kcAHsPjmEVdJp3V0UXphFoeBYudpRzOy27H0OO WR1uzcb0+ivCtNcEzy/I1T77s/tD2DjI7hpYIVxfRjVUmeBkAMF09a/1A2/crshI HBx+lVRlBJleaWMCW4HO3R40L1PqTOlBb1piZC8VlzfA+oRg58FOvghMjfAbD3Q6 eJtJLYn26zlI/GdAl50dCy90Ckh8j3vHxFDF+sRL2sCV8W1VHKm5r4AiE0nNnyTP plNY1XEmP6Uli8SUN/Z+iZ4iiEW/Cr2suL6hYGY7DcaH0HK+C6OhQjIH8aLaO0WI wXN0ofXkMhAz3zGNlQ9TmM/B51lIv28i3HcmZDYhoW7B5yOO1kGcW2NbfWcHujbG vdBPgqxNtrJVrUJcvZfzz2NVO0N0a67chz5o44fiye/yGcmuSbkSLj5Qw4/iy1Kf dSYG0qb76RNZ5PEBkkxNXPmLO+ZrgK/N+zZb6KYR8ul4YTDpx2IiF/xe4qIzvykG yi4AEMKIEztSplr9mS6mJwCdDgOpFrp26lw3Cww3IyicMnr1In6z8goCfbj4pJQc YG7BkJyhuk+lKVgvngHJ =jiYm -----END PGP SIGNATURE-----
Current thread:
- CVE Request: programming error in crypt(3) Xin Li (Apr 26)
- Re: CVE Request: programming error in crypt(3) Kurt Seifried (Apr 26)
- Re: CVE Request: programming error in crypt(3) Eitan Adler (Apr 26)
- Re: CVE Request: programming error in crypt(3) Kurt Seifried (Apr 26)
- Re: CVE Request: programming error in crypt(3) Eitan Adler (Apr 26)
- Re: CVE Request: programming error in crypt(3) Kurt Seifried (Apr 26)
- Re: CVE Request: programming error in crypt(3) Xin Li (Apr 26)
- Re: CVE Request: programming error in crypt(3) Kurt Seifried (Apr 26)