On Sat, Dec 07, 2013 at 08:29:54AM +0100, Andreas Tille wrote:
Thanks for droping us this note. Could you be so kind to provide a link
to SVN to enable us cherry picking the patch? Do you plan to do a
release in the short future?
Not necessarily the short future, but ideally sometime in
Hi James,
On Tue, Dec 03, 2013 at 10:16:11AM +, James Bonfield wrote:
I now believe this to be fixed in SVN. Hopefully it hasn't broken
anything either, although I don't have any valid tar files using that
particular prefix encoding to test on.
Thanks for droping us this note. Could you
I now believe this to be fixed in SVN. Hopefully it hasn't broken
anything either, although I don't have any valid tar files using that
particular prefix encoding to test on.
James
--
James Bonfield (j...@sanger.ac.uk) | Hora aderat briligi. Nunc et Slythia Tova
Le Sun, Nov 10, 2013 at 09:20:08PM -0500, Sang Kil Cha a écrit :
Package: staden-io-lib-utils
Version: 1.12.4-1
Severity: grave
Tags: security
Justification: user security hole
index_tar has a buffer overflow vulnerability. A PoC file is attached.
Hello,
thanks for the report. Have you
Hi,
Yes I think I did submitted it to upstream.
I don't have a particular patch, but I believe it is trivial to add a
check for the overflow.
Thanks,
Sang Kil
On Sat, Nov 30, 2013 at 3:40 AM, Charles Plessy ple...@debian.org wrote:
Le Sun, Nov 10, 2013 at 09:20:08PM -0500, Sang Kil Cha a
Le Sat, Nov 30, 2013 at 04:01:50AM -0500, Sang Kil Cha a écrit :
Yes I think I did submitted it to upstream.
Hi again,
I do not see it in the Upstream bugtracker. Can you also submit it there ?
http://sourceforge.net/p/staden/bugs/
Have a nice Sunday,
--
Charles Plessy
Debian Med
>
Bug#729276: staden-io-lib-utils: bufferoverflow in index_tar
debian-bugs-rc
-- Thread --
-- Date --
Bug#729276: staden-io-lib-utils: bufferoverflow in index_tar
Sang Kil
7 matches
Mail list logo