New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Relevant commit for CVE-2019-9278 #26
Comments
Patch here:
|
This is the first I've heard of this CVE.
|
Hi @dfandrich, |
This looks like the Android patch, yet. I haven't analyzed whether it fixes the
alleged problem or not.
|
Ah, well. Hope you fix it at the earliest. I need to fix this in Debian :) |
@dfandrich, |
I haven't had time to look at it yet.
|
Hi @dfandrich, |
Hi @dfandrich, |
do you have the testcase available? |
not sure if would be safe already as it avoids the overflowing addition |
well, so it should work wjhen operting on unsigned ints... |
As the CVE quotes,
Do we have a fix for it yet?
Relevant bug report at Debian Security Tracker: https://security-tracker.debian.org/tracker/CVE-2019-9278
The text was updated successfully, but these errors were encountered: