Join GitHub today
GitHub is home to over 36 million developers working together to host and review code, manage projects, and build software together.Sign up
CVE-2016-5824: use-after-free issues #286
@brandonprry has been fuzzing libical last year and found some issues, he reported them first in #235 but closed the ticket when he opened the same ticket against thunderbird in the hope to get more answers: https://bugzilla.mozilla.org/show_bug.cgi?id=1275400 Also lacking any positive answer there, he published all his fuzzing results here: https://github.com/brandonprry/ical-fuzz
At this point it's not clear whether those issues have been fixed in libical and if they have, it would be nice to know which commit fixed them. This is the point of this ticket.
A CVE number has been assigned to those issues: https://security-tracker.debian.org/tracker/CVE-2016-5824 (CVE assignment here: http://seclists.org/oss-sec/2016/q2/604)