| Summary: | sys-apps/file: Heap-buffer-overflow in cdf_read_property_info | ||
|---|---|---|---|
| Product: | Gentoo Security | Reporter: | Agostino Sarubbo <ago> |
| Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
| Status: | RESOLVED INVALID | ||
| Severity: | normal | CC: | base-system |
| Priority: | Normal | ||
| Version: | unspecified | ||
| Hardware: | All | ||
| OS: | Linux | ||
| URL: | https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=958 | ||
| Whiteboard: | |||
| Package list: | Runtime testing required: | --- | |
Sorry for the inconvenience, this bug looks to be invalid. |
OSS-Fuzz is a Continuous Fuzzing for Open Source Software. When a bug is found, it is filed on bugs.chromium.org instead of the upstream's bugzilla. The main reference you have is the range date when ClusterFuzz detected that the issue is fixed. So, when upstream does not add anything useful in that place (like the git commit which fixes the issue), you can dig in the upstream git repository and look in such range date. If you are unable to do this task you can get in touch with upstream. See the ${URL} for more details @maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.