[Bug 1019809] New: VUL-0: CVE-2017-5356: irssi: out of bounds read in format string
http://bugzilla.suse.com/show_bug.cgi?id=1019809 Bug ID: 1019809 Summary: VUL-0: CVE-2017-5356: irssi: out of bounds read in format string Classification: openSUSE Product: openSUSE Distribution Version: 13.2 Hardware: Other OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Security Assignee: meissner@suse.com Reporter: meissner@suse.com QA Contact: qa-bugs@suse.de CC: mrueckert@suse.com Found By: Security Response Team Blocker: --- CVE-2017-5356 Hi, can you please check whether the following Irssi issue needs a CVE - Printing the value %[ leads to oob read This has been reported to the Irssi project by Hanno Böck and is already fixed as part of the last CVE request, however I failed to include this issue in the initial report. Hanno has blogged about this at [1] and linked it to the other issue which we credited him for (but it is in fact a separate issue). Thanks, [1] https://blog.fuzzing-project.org/55-Fuzzing-Irssi-with-Perl-Scripts.html References: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5356 http://seclists.org/oss-sec/2017/q1/77 -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.suse.com/show_bug.cgi?id=1019809
http://bugzilla.suse.com/show_bug.cgi?id=1019809#c2
Marcus Rückert
http://bugzilla.suse.com/show_bug.cgi?id=1019809
Swamp Workflow Management
http://bugzilla.suse.com/show_bug.cgi?id=1019809
Swamp Workflow Management
participants (1)
-
bugzilla_noreply@novell.com