Hi Willi,
On Sun, Dec 14, 2014 at 10:10:58AM +0100, Willi Mann wrote:
Hi Dave,
does 0.21.7 solve both security issues reported? If yes, could point
send me the individual patches that fix these issues? The Debian branch
for the next stable distribution is already frozen, so I cannot fix
Processing control commands:
tags -1 + patch
Bug #772811 [unrtf] unrtf: CVE-2014-9274 CVE-2014-9275
Added tag(s) patch.
--
772811: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=772811
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--
To UNSUBSCRIBE, email to
Control: tags -1 + patch
Hi Willi
Attached are two patches separated per CVEs.
Regards,
Salvatore
Description: CVE-2014-9274: out-of-bounds memory access
UnRTF allows remote attackers to cause a denial of service (crash) and
possibly execute arbitrary code as demonstrated by a file containing
On Sun, Dec 21, 2014 at 03:08:00PM +0100, Salvatore Bonaccorso wrote:
Hi Willi,
On Sun, Dec 14, 2014 at 10:10:58AM +0100, Willi Mann wrote:
Hi Dave,
does 0.21.7 solve both security issues reported? If yes, could point
send me the individual patches that fix these issues? The Debian
Hi Salvatore,
we were working in parallel unfortunately, as I prepared the same
patches in the morning. However, I also added 2 patches by
Fabian Keil. I'll upload tomorrow in the evening, you can have a look at
http://anonscm.debian.org/cgit/collab-maint/unrtf.git/
comments welcome.
thanks
Hi Willi,
On Sun, Dec 21, 2014 at 10:02:08PM +0100, Willi Mann wrote:
Hi Salvatore,
we were working in parallel unfortunately, as I prepared the same
patches in the morning. However, I also added 2 patches by
Fabian Keil. I'll upload tomorrow in the evening, you can have a look at
Don't
Hi Dave,
does 0.21.7 solve both security issues reported? If yes, could point
send me the individual patches that fix these issues? The Debian branch
for the next stable distribution is already frozen, so I cannot fix
these bugs with new upstream versions.
thanks
Willi
Am 2014-12-11 um 12:16
Package: unrtf
Severity: grave
Tags: security
Please see http://www.openwall.com/lists/oss-security/2014/12/03/4
for more information and references to patches.
Cheers,
Moritz
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble?
8 matches
Mail list logo