oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: CVE requests: DoS in librsvg parsing SVGs with circular definitions

From: cve-assign () mitre org
Date: Mon, 6 Jun 2016 10:21:20 -0400 (EDT)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256


I think CVE-2016-4347 and CVE-2015-7558 (stack exhaustion due to
cyclic dependency, reported here:
http://www.openwall.com/lists/oss-security/2015/12/21/5) are in fact,
the same issue. This is probably my fault (sorry!).

MITRE: We should reject the the newly assigned one?


Yes, we have rejected CVE-2016-4347 in favor of CVE-2015-7558.

- -- 
CVE Assignment Team
M/S M300, 202 Burlington Road, Bedford, MA 01730 USA
[ A PGP key is available for encrypted communications at
  http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJXVYZVAAoJEHb/MwWLVhi23P4P/jRHh7qf6/Iw3JTxwbWOJYAb
vL30dueXHyLZkW+tHhBIk5YTRUfqcozmP8AbWpJ6MImYn9XpIXqyvh3m9b3kSIWX
pXABqX9FwdXhkDaQThsEiSy7IkzMZwSV8LYoZ4o+G4FmL9jwjTh7EUh5t8DXzZlC
bGgDwAtgWwxp5EhtrFHt00QTk9Qb+ShCxOEQGL/g0MXUqRbm4vIO4qrztxfo4Ekn
Oh9RhF+17pzhHJVf9UFIWWtqeUmKGsPPXBm63r0V64297gPpgmnaCo0ssk5Q1wE3
0Z2M63gsjsh8v5OJkL3QCP7hOCy4iPci0Xz0VPIp4V2Rh+qv7ref+K/Jd9Tp8Qpq
5wiWrMSp17ERhn5HT6uEFiSOq8p3uVr/TOXH/UifEuqTrcDJujTucVlLKMuWjGDQ
H/lr0XpRzeSP7kinUpJwQlL9s2qp7M5FE9YgecOt1IxFK6nJ4jrWpQJt9p4IqUZY
RZd972FpwYa3JHdtujZGkczJ1uV8I+qphxoRWJ/QPwzDJKSCuWKwAyD2/zf2VcmB
2trpFGsUaj6jZxrp7YkVyKTDXh2qnrlzrlZR9spJyB49vaeBkoY7+ERp/I75Cseg
0WtdElN3wW8StwMJFtkCO4SgN1rgwxtYXpVj4Jf5ktFZNSIXjbEQyMGxZ9EZ4phC
7zqsrHIVrLa91bz6TXVD
=VRYg
-----END PGP SIGNATURE-----
Previous By Date Next
Previous By Thread Next

Current thread: