Home page logo

oss-sec logo oss-sec mailing list archives

CVE Request - Slim 1.3.6 fixes a security issue
From: "mancha" <mancha1 () hush com>
Date: Wed, 09 Oct 2013 13:03:14 +0000

Hello Kurt, vendors, et al.

Slim 1.3.6 fixes a security flaw related to a potential NULL ptr.
dereference when using crypt() from glibc 2.17+ (eglibc 2.17+).
Without the fix, malformed or unsupported salts crash the login

Upstream fix: http://git.berlios.de/cgi-

Would you please allocate a CVE for this issue?



  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]