Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

TALOS-CAN-152 #718

Closed
kientzle opened this issue Jun 19, 2016 · 3 comments
Closed

TALOS-CAN-152 #718

kientzle opened this issue Jun 19, 2016 · 3 comments
Milestone

Comments

@kientzle
Copy link
Contributor

Placeholder for a security issue that is being investigated.

A fix will be committed shortly.

@kientzle kientzle added this to the 3.2.1 milestone Jun 19, 2016
@kientzle
Copy link
Contributor Author

Fixed in commit e79ef30

kientzle added a commit that referenced this issue Jun 20, 2016
If a 7-Zip archive declares a rediculously large number of substreams,
it can overflow an internal counter, leading a subsequent memory
allocation to be too small for the substream data.

Thanks to the Open Source and Threat Intelligence project at Cisco
for reporting this issue.
@kientzle
Copy link
Contributor Author

This issue was reported by the Open Source and Threat Intelligence project at Cisco.

@kientzle kientzle changed the title Security Issue 152 TALOS-CAN-152 Jun 20, 2016
@mmatuska
Copy link
Member

mmatuska commented Jun 21, 2016

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants