[Filesystems-devel] Bug#793467: squashfs-tools: CVE-2015-4645
Romeo Papa
romeopapa at caramail.com
Fri Jul 24 10:09:14 UTC 2015
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Source: squashfs-tools
Version: 1:4.2+20130409-2
Severity: normal
Hello,
Filing a bug for CVE-2015-4645,
> overflows the bytes variable, so that the allocation of
> fragments_bytes[] has an erroneous size.
Described here:
https://github.com/devttys0/sasquatch/pull/5
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBAgAGBQJVsg7KAAoJEM5wUx8CP5BT0RAP/2RVP+WblwuFAmM2iRZa4I+0
a9aLecS/94flioUTfb3vS3oKInDa17cXBPf830KvwpMDu8i40yhNC6NpvU8E2BKa
6FcGDtrv5mN5iDpvqcszu6hrnAxGNe8Q9poq7vSQ4riM11YgOgcI6CWBXQzEDasY
cgcaQt33KbeEVic0sFW6tdN22WkGSivlxmuoG4bc+zdHVGfMMPIvqEUV3q+FdqEJ
vsYA5ZAvWk3rgOMnA2O8MC2/BORxo9VlEPz2gCACcl0jUXjHm/MnO+hhET4uRJER
CFbPOx5qeAQuk0oltz9//hiXv6rES3Q1OG54xUWjhHvaeowEAMmuzvhLBV5B8mF0
xCUkpakZUjqyS+GcPHvE7jgIS6y/QEiXk+2Z6sfpAn07kgcGuSfdJpC390TeCrQx
7sdXhZRqrlSqQO1oOZmM+mH7x4U3Jk/MU4BSKcvGx/vY0kKr8rEdR1wOeeCWx77t
ILrI1f99/ZIEJd6IsaU4myGBwTMLYnyA8Syp/6ZgFNSgbyIVvSzfv954kYW16tMZ
AAxJrl7iyRrCPDY6e2PptfQxRsX2+8jZmADvpUDjOWA92l0/48GVvInKCqCXo/d3
7a+YdqeVkXHTtT3DSbve/VI5WOesrFfk9Wn81y51932/150ktxlRjwL+/IkliLMC
7MW8nDNdNg302HU3LFlE
=oPpZ
-----END PGP SIGNATURE-----
More information about the Filesystems-devel
mailing list