Bug#994405: libgmp10:i386: buffer overflow due to integer overflow in mpz/inp_raw.c on 32-bit machines
Anton Gladky
gladk at debian.org
Sun Nov 14 13:15:25 GMT 2021
Hi Adrian,
well, I was thinking that upstream should request a CVE. Neverheless
I could not reproduce the issue with the modern GCC-versions.
Even on 32bit-systems.
Regards
Anton
Am Sa., 13. Nov. 2021 um 21:09 Uhr schrieb Adrian Bunk <bunk at debian.org>:
>
> On Fri, Sep 17, 2021 at 07:02:48AM +0200, Anton Gladky wrote:
> > Thanks, Vincent, for the information. I would still wait for CVE,
> > so we can apply a patch and track vulnerability for other
> > Debian versions (stable/oldstable/o-o-stable etc.).
>
> Hi Anton,
>
> did you manage to get a CVE assigned for this issue, or has there been
> any problem with tnat?
>
> > Regards
> >
> > Anton
>
> Thanks
> Adrian
More information about the debian-science-maintainers
mailing list