Home page logo

oss-sec logo oss-sec mailing list archives

Re: CVE request: davfs2 - Unsecure use of system()
From: Salvatore Bonaccorso <carnil () debian org>
Date: Tue, 17 Sep 2013 16:57:40 +0200

Hi Kurt, hi Luciano,

On Tue, Sep 17, 2013 at 10:13:40AM +0200, Luciano Bello wrote:
   A security vulnerability have been reported in davfs2 

Please, assign a CVE id.

As additional reference for this CVE request. The Debian Bugreport
also contains the proposed diffs to apply to 1.4.6 and 1.4.7. But here
are also upstream references.

Upstream Bugreport: http://savannah.nongnu.org/bugs/?40034

Patches: 1.4.6: http://savannah.nongnu.org/bugs/download.php?file_id=29141
         1.4.7: http://savannah.nongnu.org/bugs/download.php?file_id=29142


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]