Home page logo
/

oss-sec logo oss-sec mailing list archives

CVE Request - Slim 1.3.6 fixes a security issue
From: "mancha" <mancha1 () hush com>
Date: Wed, 09 Oct 2013 13:03:14 +0000

Hello Kurt, vendors, et al.

Slim 1.3.6 fixes a security flaw related to a potential NULL ptr.
dereference when using crypt() from glibc 2.17+ (eglibc 2.17+).
Without the fix, malformed or unsupported salts crash the login
daemon.

Upstream fix: http://git.berlios.de/cgi-
bin/cgit.cgi/slim/commit/?id=fbdfae3b406b1bb6f4e5e440e79b9b8bb8f071f
b

Would you please allocate a CVE for this issue?

Regards,

--mancha


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]