Summary: | <dev-scheme/chicken-4.10.0-r1: buffer overrun vulnerability in CHICKEN Scheme's substring-index[-ci] procedures (CVE-2014-9651) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Agostino Sarubbo <ago> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | ewfalor, maksbotan, proxy-maint, scheme |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://www.openwall.com/lists/oss-security/2015/01/12/3 | ||
Whiteboard: | B2 [glsa cve] | ||
Package list: | Runtime testing required: | --- |
Description
Agostino Sarubbo
2015-01-13 08:41:06 UTC
I'm sorry for the long delay on this. I'm preparing an ebuild for the latest CHICKEN release, 4.10.0 which addresses this, and all open dev-scheme/chicken issues. I have submitted an updated ebuild for the latest version of CHICKEN to bug #467966 This issue was resolved and addressed in GLSA 201612-54 at https://security.gentoo.org/glsa/201612-54 by GLSA coordinator Thomas Deutschmann (whissi). |