Several vulnerabilities in libical
Allen Winter
winter at kde.org
Fri Jul 29 15:36:07 PDT 2016
Emilio,
I'm happy to work with Brandon or you to fix these vulnerabilities in libical master for the next 2.x release.
I am no longer interested in the older releases (0.47, 1.x)
Feel free to send me direct email with test programs, patches, etc.
I may have fixed some of these already in master, but worth looking at them again.
You may also want to take a look at the Coverity analysis at
https://scan.coverity.com/projects/libical-libical/view_defects
On Friday, July 29, 2016 09:24:26 PM Emilio Pozuelo Monfort wrote:
> Hi,
>
> There have been a few vulnerabilities reported against libical, and I don't see
> any fixes in the repository. I found this but it went unanswered:
>
> https://github.com/libical/libical/issues/235
>
> The vulnerabilities are listed in:
>
> http://www.openwall.com/lists/oss-security/2016/06/25/4
>
> There is little information on some of them as the mozilla bugs (except for one)
> are marked as private. Perhaps Brandon (Cc'ed) can open them or provide some
> information.
>
> Thanks,
> Emilio
>
> _______________________________________________
> libical-devel mailing list
> libical-devel at lists.infradead.org
> http://lists.infradead.org/mailman/listinfo/libical-devel
More information about the libical-devel
mailing list