[Bug 890088] CVE-2012-5669 freetype: heap buffer over-read in BDF
parsing _bdf_parse_glyphs() (#37906)
by Red Hat Bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=890088
Ján Rusnačko <jrusnack(a)redhat.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Whiteboard|impact=important,public=201 |impact=important,public=201
|21215,reported=20121224,sou |21215,reported=20121224,sou
|rce=internet,cvss2=6.8/AV:N |rce=internet,cvss2=6.8/AV:N
|/AC:M/Au:N/C:P/I:P/A:P,rhel |/AC:M/Au:N/C:P/I:P/A:P,rhel
|-5/freetype=affected,rhel-6 |-5/freetype=affected,rhel-6
|/freetype=notaffected,fedor |/freetype=affected,fedora-a
|a-all/freetype=affected,fed |ll/freetype=affected,fedora
|ora-all/mingw-freetype=affe |-all/mingw-freetype=affecte
|cted |d
--
You are receiving this mail because:
You are on the CC list for the bug.
Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=YTnyuzZ7gb&a=cc_unsubscribe
8 years, 5 months
[Bug 880466] CVE-2012-5134 libxml2: Heap-buffer-underflow in
xmlParseAttValueComplex
by Red Hat Bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=880466
Ján Rusnačko <jrusnack(a)redhat.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Whiteboard|impact=important,public=201 |impact=important,public=201
|21127,reported=20121126,sou |21127,reported=20121126,sou
|rce=google,cvss2=6.8/AV:N/A |rce=google,cvss2=6.8/AV:N/A
|C:M/Au:N/C:P/I:P/A:P,rhel-5 |C:M/Au:N/C:P/I:P/A:P,rhel-5
|/libxml2=affected,rhel-6/li |/libxml2=affected,rhel-6/li
|bxml2=affected,rhel-6/mingw |bxml2=affected,rhel-6/mingw
|32-libxml2=notaffected,fedo |32-libxml2=affected,fedora-
|ra-all/libxml2=affected,fed |all/libxml2=affected,fedora
|ora-all/mingw32-libxml2=aff |-all/mingw32-libxml2=affect
|ected |ed
--
You are receiving this mail because:
You are on the CC list for the bug.
Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=lCmnY1k3du&a=cc_unsubscribe
8 years, 5 months
[Bug 787067] CVE-2012-0841 libxml2: hash table collisions CPU usage
DoS
by Red Hat Bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=787067
Ján Rusnačko <jrusnack(a)redhat.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Whiteboard|impact=moderate,public=2012 |impact=moderate,public=2012
|0221,reported=20120116,sour |0221,reported=20120116,sour
|ce=researcher,cvss2=5.0/AV: |ce=researcher,cvss2=5.0/AV:
|N/AC:L/Au:N/C:N/I:N/A:P,rhe |N/AC:L/Au:N/C:N/I:N/A:P,rhe
|l-4/libxml2=affected,rhel-5 |l-4/libxml2=affected,rhel-5
|/libxml2=affected,rhel-6/li |/libxml2=affected,rhel-6/li
|bxml2=affected,rhel-6/mingw |bxml2=notaffected,rhel-6/mi
|32-libxml2=notaffected,fedo |ngw32-libxml2=affected,fedo
|ra-all/libxml2=affected,fed |ra-all/libxml2=affected,fed
|ora-all/mingw32-libxml2=aff |ora-all/mingw32-libxml2=aff
|ected,epel-5/mingw32-libxml |ected,epel-5/mingw32-libxml
|2=affected,cwe=CWE-407 |2=affected,cwe=CWE-407
--
You are receiving this mail because:
You are on the CC list for the bug.
Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=Qg4nCPvjSr&a=cc_unsubscribe
8 years, 5 months
[Bug 724906] CVE-2011-0216 libxml2: Off-by-one error leading to
heap-based buffer overflow in encoding
by Red Hat Bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=724906
Ján Rusnačko <jrusnack(a)redhat.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Whiteboard|impact=low,public=20110720, |impact=low,public=20110720,
|reported=20110721,source=cv |reported=20110721,source=cv
|e,cvss2=5.1/AV:N/AC:H/Au:N/ |e,cvss2=5.1/AV:N/AC:H/Au:N/
|C:P/I:P/A:P,fedora-all/libx |C:P/I:P/A:P,fedora-all/libx
|ml=notaffected,fedora-all/l |ml=notaffected,fedora-all/l
|ibxml2=affected,fedora-all/ |ibxml2=affected,fedora-all/
|mingw32-libxml2=affected,rh |mingw32-libxml2=affected,rh
|el-4/libxml2=affected,rhel- |el-4/libxml2=affected,rhel-
|5/libxml2=affected,rhel-6/l |5/libxml2=affected,rhel-6/l
|ibxml2=affected,rhel-6/ming |ibxml2=affected,rhel-6/ming
|w32-libxml2=notaffected |w32-libxml2=affected
--
You are receiving this mail because:
You are on the CC list for the bug.
Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=5OFjsJHXJS&a=cc_unsubscribe
8 years, 5 months
[Bug 835863] CVE-2012-2807 libxml2 (64-bit): Multiple integer
overflows, leading to DoS or possibly other unspecified impact
by Red Hat Bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=835863
Ján Rusnačko <jrusnack(a)redhat.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Whiteboard|impact=moderate,public=2012 |impact=moderate,public=2012
|0626,reported=20120627,sour |0626,reported=20120627,sour
|ce=cve,cvss2=5.1/AV:N/AC:H/ |ce=cve,cvss2=5.1/AV:N/AC:H/
|Au:N/C:P/I:P/A:P,rhel-5/lib |Au:N/C:P/I:P/A:P,rhel-5/lib
|xml2=affected,rhel-6/libxml |xml2=affected,rhel-6/libxml
|2=notaffected,openshift-1/l |2=affected,openshift-1/libx
|ibxml2=notaffected,fedora-a |ml2=notaffected,fedora-all/
|ll/libxml2=affected,fedora- |libxml2=affected,fedora-all
|all/libxml=notaffected,rhel |/libxml=notaffected,rhel-6/
|-6/mingw32-libxml2=notaffec |mingw32-libxml2=notaffected
|ted,epel-5/mingw32-libxml2= |,epel-5/mingw32-libxml2=aff
|affected,fedora-all/mingw32 |ected,fedora-all/mingw32-li
|-libxml2=affected |bxml2=affected
--
You are receiving this mail because:
You are on the CC list for the bug.
Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=ncwHMLWTlq&a=cc_unsubscribe
8 years, 5 months
[Bug 787067] CVE-2012-0841 libxml2: hash table collisions CPU usage
DoS
by Red Hat Bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=787067
Ján Rusnačko <jrusnack(a)redhat.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Whiteboard|impact=moderate,public=2012 |impact=moderate,public=2012
|0221,reported=20120116,sour |0221,reported=20120116,sour
|ce=researcher,cvss2=5.0/AV: |ce=researcher,cvss2=5.0/AV:
|N/AC:L/Au:N/C:N/I:N/A:P,rhe |N/AC:L/Au:N/C:N/I:N/A:P,rhe
|l-4/libxml2=affected,rhel-5 |l-4/libxml2=affected,rhel-5
|/libxml2=affected,rhel-6/li |/libxml2=affected,rhel-6/li
|bxml2=notaffected,rhel-6/mi |bxml2=affected,rhel-6/mingw
|ngw32-libxml2=notaffected,f |32-libxml2=notaffected,fedo
|edora-all/libxml2=affected, |ra-all/libxml2=affected,fed
|fedora-all/mingw32-libxml2= |ora-all/mingw32-libxml2=aff
|affected,epel-5/mingw32-lib |ected,epel-5/mingw32-libxml
|xml2=affected,cwe=CWE-407 |2=affected,cwe=CWE-407
--
You are receiving this mail because:
You are on the CC list for the bug.
Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=fmDBa1FoQv&a=cc_unsubscribe
8 years, 5 months
[Bug 1162666] New: binutils: out of bounds memory write
by Red Hat Bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=1162666
Bug ID: 1162666
Summary: binutils: out of bounds memory write
Product: Security Response
Component: vulnerability
Keywords: Security
Severity: low
Priority: low
Assignee: security-response-team(a)redhat.com
Reporter: vkaigoro(a)redhat.com
CC: bgollahe(a)redhat.com, dan(a)danny.cz,
dhowells(a)redhat.com, erik-fedora(a)vanpienbroek.nl,
fedora-mingw(a)lists.fedoraproject.org,
jakub(a)redhat.com, kalevlember(a)gmail.com,
kanderso(a)redhat.com, ktietz(a)redhat.com,
law(a)redhat.com, lkocman(a)redhat.com, lkundrak(a)v3.sk,
mfranc(a)redhat.com, mhlavink(a)redhat.com,
nickc(a)redhat.com, ohudlick(a)redhat.com,
pfrankli(a)redhat.com, rjones(a)redhat.com,
rob(a)robspanton.com, seceng-idm-qe-list(a)redhat.com,
swhiteho(a)redhat.com, thibault.north(a)gmail.com,
tmlcoch(a)redhat.com, trond.danielsen(a)gmail.com
It was reported [1] that objdump will try to overwrite part of memory when
processing a crafted "ar" archive file.
Upstream patch for this is at [2].
[1]: https://sourceware.org/bugzilla/show_bug.cgi?id=17533
[2]:
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=bb0d867169d7e9...
--
You are receiving this mail because:
You are on the CC list for the bug.
Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=MacgSycVBH&a=cc_unsubscribe
8 years, 5 months