oss-sec mailing list archives
Re: CVE request - mcrypt buffer overflow flaw
From: Raphael Geissert <geissert () debian org>
Date: Thu, 13 Sep 2012 13:15:54 -0500
On Thursday 13 September 2012 12:12:14 Kurt Seifried wrote:
On 09/12/2012 11:00 AM, Raphael Geissert wrote:Since CVE-2012-4409 has been widely related to the salt issue, I guess we need another CVE id? One could cover all the other issues.Can you post a summary of all these other issues ideally with the links to code commits? Thanks.
The code has been abandoned for years. There are no fixes for those issues from upstream. The first paragraph of Eygene Ryabinkin's email summarises them pretty well. Cheers, -- Raphael Geissert - Debian Developer www.debian.org - get.debian.net
Current thread:
- CVE request - mcrypt buffer overflow flaw Vincent Danen (Sep 06)
- Re: CVE request - mcrypt buffer overflow flaw Kurt Seifried (Sep 06)
- Re: CVE request - mcrypt buffer overflow flaw Raphael Geissert (Sep 06)
- Re: CVE request - mcrypt buffer overflow flaw Vincent Danen (Sep 06)
- Re: CVE request - mcrypt buffer overflow flaw Raphael Geissert (Sep 10)
- Re: CVE request - mcrypt buffer overflow flaw Kurt Seifried (Sep 13)
- Re: CVE request - mcrypt buffer overflow flaw Vincent Danen (Sep 06)
- Re: CVE request - mcrypt buffer overflow flaw Eygene Ryabinkin (Sep 11)
- Re: CVE request - mcrypt buffer overflow flaw Raphael Geissert (Sep 12)
- Re: CVE request - mcrypt buffer overflow flaw Kurt Seifried (Sep 13)
- Re: CVE request - mcrypt buffer overflow flaw Raphael Geissert (Sep 13)
- Re: CVE request - mcrypt buffer overflow flaw Raphael Geissert (Sep 12)
- Re: CVE request - mcrypt buffer overflow flaw Raphael Geissert (Sep 15)