Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
@brandonprry has been fuzzing libical last year and found some issues, he reported them first in #235 but closed the ticket when he opened the same ticket against thunderbird in the hope to get more answers: https://bugzilla.mozilla.org/show_bug.cgi?id=1275400 Also lacking any positive answer there, he published all his fuzzing results here: https://github.com/brandonprry/ical-fuzz
At this point it's not clear whether those issues have been fixed in libical and if they have, it would be nice to know which commit fixed them. This is the point of this ticket.
A CVE number has been assigned to those issues: https://security-tracker.debian.org/tracker/CVE-2016-5824 (CVE assignment here: http://seclists.org/oss-sec/2016/q2/604)
The text was updated successfully, but these errors were encountered:
Apparently #251 might be related.
Sorry, something went wrong.
right. I had individual issues already assigned for those CVEs. all of them are fixed now except for #253 which we don't know what to do about.
No branches or pull requests
@brandonprry has been fuzzing libical last year and found some issues, he reported them first in #235 but closed the ticket when he opened the same ticket against thunderbird in the hope to get more answers: https://bugzilla.mozilla.org/show_bug.cgi?id=1275400 Also lacking any positive answer there, he published all his fuzzing results here: https://github.com/brandonprry/ical-fuzz
At this point it's not clear whether those issues have been fixed in libical and if they have, it would be nice to know which commit fixed them. This is the point of this ticket.
A CVE number has been assigned to those issues: https://security-tracker.debian.org/tracker/CVE-2016-5824 (CVE assignment here: http://seclists.org/oss-sec/2016/q2/604)
The text was updated successfully, but these errors were encountered: