Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

There is an illegal address access in eval.cpp of libsass #2446

Closed
abompard opened this issue Jul 18, 2017 · 3 comments

Comments

@abompard
Copy link

commented Jul 18, 2017

This was reported here: https://bugzilla.redhat.com/show_bug.cgi?id=1471782
In this Bugzilla ticket you will find all the information and the code to reproduce the error.

@saper

This comment has been minimized.

Copy link
Member

commented Jul 19, 2017

Which libsass version was used to create a crash?

@abompard

This comment has been minimized.

Copy link
Author

commented Jul 24, 2017

The version was 3.4.1

(sorry for not replying earlier)

mgreter added a commit to mgreter/sass-spec that referenced this issue Jul 25, 2017
xzyfer added a commit to mgreter/sass-spec that referenced this issue Aug 31, 2017
xzyfer added a commit to mgreter/sass-spec that referenced this issue Aug 31, 2017
xzyfer added a commit to mgreter/sass-spec that referenced this issue Aug 31, 2017
xzyfer added a commit to mgreter/sass-spec that referenced this issue Aug 31, 2017
xzyfer added a commit to mgreter/sass-spec that referenced this issue Aug 31, 2017
xzyfer added a commit to mgreter/sass-spec that referenced this issue Aug 31, 2017
xzyfer added a commit to sass/sass-spec that referenced this issue Aug 31, 2017
This PR activates specs for sass/libsass#2446
xzyfer added a commit to sass/sass-spec that referenced this issue Aug 31, 2017
This PR activates specs for sass/libsass#2446
@xzyfer xzyfer closed this in #2450 Aug 31, 2017
@xi

This comment has been minimized.

Copy link

commented Jun 5, 2019

Assigned CVE-2017-11555

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
4 participants
You can’t perform that action at this time.