oss-sec mailing list archives
CVE request: invalid memory accesses parsing object files in libgit2
From: Gustavo Grieco <gustavo.grieco () gmail com>
Date: Sat, 8 Oct 2016 10:15:55 -0300
Hi, We recently reported two invalid memory accesses in the last revision of libgit2: * Read out-of-bounds in git_oid_nfmt: https://github.com/libgit2/libgit2/issues/3936 * DoS using a null pointer derreference in git_commit_message: https://github.com/libgit2/libgit2/issues/3937 The developers are preparing a patch to harden object parsing in libgit2 here: https://github.com/libgit2/libgit2/pull/3956 Please assign one or more CVE if suitable. Regards, Gustavo.
Current thread:
- CVE request: invalid memory accesses parsing object files in libgit2 Gustavo Grieco (Oct 08)
- Re: CVE request: invalid memory accesses parsing object files in libgit2 cve-assign (Oct 08)