New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
heap Out-of-bound Read vulnerability #50
Comments
|
Hi!
Thanks for the report, I looked at the code and committed fixes for it
yesterday, but my colleague (Willem) just had to go home at that time.
Hence the commits arrived, but not replies to the email.
The commits are similar to Unbound's code for it, and I think they fix
the problem, as they test for out-of-bounds on the lines where the
out-of-bounds is reported. So I put the text 'fix' in the commit
message, and this auto-closes the issue ticket on github.
Best regards, Wouter
…On 25/09/2019 06:58, 三胖子 wrote:
Why closed??
—
You are receiving this because you modified the open/close state.
Reply to this email directly, view it on GitHub
<#50?email_source=notifications&email_token=ABH2RT6GEVWERYJRNV6OVCTQLLVZHA5CNFSM4IZ4IWOKYY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOD7QTFPY#issuecomment-534852287>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/ABH2RT5YIWWIMCMIR5XCNNDQLLVZHANCNFSM4IZ4IWOA>.
|
|
ok,thanks |
hi ,could you report this in security advisory and help to request a CVE for us:https://help.github.com/cn/github/managing-security-vulnerabilities/publishing-a-security-advisory |
|
Hi @pokerfacett , we don't think a CVE is necessary, but we will work to a release with the issue fixed on a short term. |
You don't need to be an upstream to request a CVE from MITRE. Someone requested one for this and CVE-2020-19860 was assigned. |
ldns heap Out-of-bound Read.pdf
The text was updated successfully, but these errors were encountered: