From $url: When HX_split is called with a maximum number of desired fields (4th argument != 0), passing in a string that has less fields than that led to a buffer overrun (write beyond end of malloc'd area).
CVSS Base Score: 10
- Impact Subscore: 10
- Exploitability Subscore: 10
CVSS Temporal Score: 7.4
CVSS Environmental Score: Undefined
Overall CVSS Score: 7.4
CVSS Base vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
- AV: libHX may be used by network services
- Au: some services may not require authentication
- A: can cause crash when result is freed
CVSS Temporal vectors: RL:O/RC:C
Affects all versions prior to, and including, 3.5.
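Added example, not part of this bug thread and not libHX's code: a bounded splitter that sizes and fills its result array from the number of fields actually present, clamped to the caller's maximum, which is the invariant the report above says was violated. The names split_bounded and free_fields are hypothetical.

```c
#include <stdlib.h>
#include <string.h>

/* Free a NULL-terminated array of malloc'd strings. */
void free_fields(char **v)
{
	if (v == NULL)
		return;
	for (char **p = v; *p != NULL; ++p)
		free(*p);
	free(v);
}

/* Hypothetical splitter (an assumption, not HX_split): split s on any byte
 * in delim into at most max fields; max == 0 means no limit. Returns a
 * NULL-terminated malloc'd array and stores the field count in *nfields. */
char **split_bounded(const char *s, const char *delim, size_t *nfields, size_t max)
{
	size_t count = 1, i;
	const char *p;
	char **ret;

	/* Count the fields that are really in the input. */
	for (p = s; (p = strpbrk(p, delim)) != NULL; ++p)
		++count;
	/* Clamp to the limit. The limit alone never sizes or fills the array,
	 * so an input with fewer fields than max cannot cause an overrun. */
	if (max != 0 && count > max)
		count = max;

	ret = calloc(count + 1, sizeof(*ret)); /* +1 for the NULL terminator */
	if (ret == NULL)
		return NULL;
	for (p = s, i = 0; i < count; ++i) {
		int last = (i + 1 == count);
		/* The last permitted field keeps the unsplit remainder. */
		size_t len = last ? strlen(p) : strcspn(p, delim);

		ret[i] = malloc(len + 1);
		if (ret[i] == NULL) {
			free_fields(ret); /* calloc'd array is still NULL-terminated */
			return NULL;
		}
		memcpy(ret[i], p, len);
		ret[i][len] = '\0';
		p += len + (last ? 0 : 1); /* step over the delimiter */
	}
	*nfields = count;
	return ret;
}
```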
Added 3.5 + patch, archs please go ahead with stabilizing.
Reopening.
Arches, please test and mark stable: =sys-libs/libhx-3.5 Target keywords : "amd64 ppc x86"
amd64 done
x86 stable
Marked ppc stable.
Fixing whiteboard and severity based on CVSS vector of: AV:N/AC:L/Au:N/C:C/I:C/A:C Thanks for the tip, Craig.
GLSA request filed.
libhx-3.5 is stabilized everywhere it has keywords, and all versions below 3.5 have been dropped. Is there anything else that needs to be done?
(In reply to comment #9)
> Is there anything else that needs to be done?
Hi, Matt. We need to publish a GLSA for this one (and any other open bugs with [glsa] in the whiteboard). Once that happens, we'll close the bug.
Can you go ahead and vote that you're not going to do anything?
Gladly. >3 years old, marking noglsa.