Home page logo
/

oss-sec logo oss-sec mailing list archives

Re: CVE request: davfs2 - Unsecure use of system()
From: Salvatore Bonaccorso <carnil () debian org>
Date: Tue, 17 Sep 2013 16:57:40 +0200

Hi Kurt, hi Luciano,

On Tue, Sep 17, 2013 at 10:13:40AM +0200, Luciano Bello wrote:
Hi,
   A security vulnerability have been reported in davfs2 
http://bugs.debian.org/723034

Please, assign a CVE id.

As additional reference for this CVE request. The Debian Bugreport
also contains the proposed diffs to apply to 1.4.6 and 1.4.7. But here
are also upstream references.

Upstream Bugreport: http://savannah.nongnu.org/bugs/?40034

Patches: 1.4.6: http://savannah.nongnu.org/bugs/download.php?file_id=29141
         1.4.7: http://savannah.nongnu.org/bugs/download.php?file_id=29142

Regards,
Salvatore


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault