[Bug 928328] New: VUL-1: libnettle: off-by-one in the test suite
http://bugzilla.suse.com/show_bug.cgi?id=928328 Bug ID: 928328 Summary: VUL-1: libnettle: off-by-one in the test suite Classification: openSUSE Product: openSUSE Factory Version: 201503* Hardware: Other OS: Other Status: NEW Severity: Minor Priority: P5 - None Component: Security Assignee: security-team@suse.de Reporter: vpereira@novell.com QA Contact: qa-bugs@suse.de Found By: --- Blocker: --- Address Sanitizer found a problem in the des-compat-test.c the line: for (i=0; i<(NUM_TESTS-1); i++) should be: for (i=0; i<(NUM_TESTS-2); i++) we found a simila problem, in the 13.2, however in Factory it was already fixed. -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.suse.com/show_bug.cgi?id=928328 --- Comment #3 from Marcus Meissner <meissner@suse.com> --- did you send it upstream already? -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.suse.com/show_bug.cgi?id=928328 Andreas Stieger <astieger@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |astieger@suse.com, | |tchvatal@suse.com --- Comment #4 from Andreas Stieger <astieger@suse.com> --- (In reply to Marcus Meissner from comment #3)
did you send it upstream already?
Thomas, could you send this upstream? -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.suse.com/show_bug.cgi?id=928328 Andreas Stieger <astieger@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Assignee|security-team@suse.de |tchvatal@suse.com -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.suse.com/show_bug.cgi?id=928328 --- Comment #5 from Tomáš Chvátal <tchvatal@suse.com> --- Sent mail here: https://lists.lysator.liu.se/mailman/listinfo/nettle-bugs -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.suse.com/show_bug.cgi?id=928328 --- Comment #6 from Andreas Stieger <astieger@suse.com> --- (In reply to Tomas Chvatal from comment #5)
Sent mail here: https://lists.lysator.liu.se/mailman/listinfo/nettle-bugs
http://lists.lysator.liu.se/pipermail/nettle-bugs/2015/003388.html No reply as of writing. -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.suse.com/show_bug.cgi?id=928328 http://bugzilla.suse.com/show_bug.cgi?id=928328#c7 --- Comment #7 from Tomáš Chvátal <tchvatal@suse.com> --- It is fixed by upstream: https://git.lysator.liu.se/nettle/nettle/commit/abf3870cba401bc797676cdee84f... -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.suse.com/show_bug.cgi?id=928328 http://bugzilla.suse.com/show_bug.cgi?id=928328#c8 --- Comment #8 from Tomáš Chvátal <tchvatal@suse.com> --- What distros would you like to have this fixed on? Or can this be closed? (As it is reported against factory). -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.suse.com/show_bug.cgi?id=928328 http://bugzilla.suse.com/show_bug.cgi?id=928328#c9 Andreas Stieger <astieger@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution|--- |UPSTREAM --- Comment #9 from Andreas Stieger <astieger@suse.com> --- (In reply to Tomáš Chvátal from comment #8)
What distros would you like to have this fixed on? Or can this be closed? (As it is reported against factory).
This package is in SLE12. However the code is in the test suite which is not run in the productive package. SLE 12 is therefore not affected. The issue can be closed as it was upstreamed and the next Factory release will contain it. No update required as far as I can see. -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.suse.com/show_bug.cgi?id=928328 Swamp Workflow Management <swamp@suse.de> changed: What |Removed |Added ---------------------------------------------------------------------------- Whiteboard| maint:planned:update | -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.suse.com/show_bug.cgi?id=928328 http://bugzilla.suse.com/show_bug.cgi?id=928328#c10 --- Comment #10 from Swamp Workflow Management <swamp@suse.de> --- This is an autogenerated message for OBS integration: This bug (928328) was mentioned in https://build.opensuse.org/request/show/670843 15.1 / libnettle -- You are receiving this mail because: You are on the CC list for the bug.
participants (1)
-
bugzilla_noreply@novell.com