http://bugzilla.opensuse.org/show_bug.cgi?id=1134074 Bug ID: 1134074 Summary: VUL-1: CVE-2019-11640: gnu-recutils: heap-based buffer overflow in the function rec_fex_parse_str_simple Classification: openSUSE Product: openSUSE Distribution Version: Leap 15.0 Hardware: Other OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Security Assignee: security-team@suse.de Reporter: abergmann@suse.com QA Contact: security-team@suse.de Found By: --- Blocker: --- CVE-2019-11640: An issue was discovered in GNU recutils 1.8. There is a heap-based buffer overflow in the function rec_fex_parse_str_simple at rec-fex.c in librec.a. References: https://github.com/TeamSeri0us/pocs/blob/master/recutils/bug-report-recutils... https://github.com/TeamSeri0us/pocs/tree/master/recutils/bug-report-recutils... https://github.com/TeamSeri0us/pocs/tree/master/recutils/bug-report-recutils... -- You are receiving this mail because: You are on the CC list for the bug.