Bug#993567: libedit-dev heap buffer overflow in readline.c:791
Sylvestre Ledru
sylvestre at debian.org
Fri Sep 3 10:49:06 BST 2021
Hello,
In general please don't send public security issues. we have processes
for this.
See
https://www.debian.org/security/faq#discover
Le 03/09/2021 à 09:52, Chris Liu a écrit :
> Package: libedit-dev
> Version: 3.1-20191231
> Tags: security
> Severity: important
>
> I was fuzzing libedit-dev package downloaded from apt-get with AFL,
> and ASAN could catch heap buffer overflow from one of the input while
> using fileman as my fuzzing harness. The same can be confirmed with
> bullseye and bookworm. The input file readline_791 is attached in this
> email.
>
I will reply in private about this issue
S
More information about the Pkg-llvm-team
mailing list