Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 617320

Summary: sys-apps/file: Heap-buffer-overflow in cdf_read_property_info
Product: Gentoo Security Reporter: Agostino Sarubbo <ago>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED INVALID    
Severity: normal CC: base-system
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=958
Whiteboard:
Package list:
Runtime testing required: ---

Description Agostino Sarubbo gentoo-dev 2017-05-03 10:07:39 UTC
OSS-Fuzz is a Continuous Fuzzing for Open Source Software. When a bug is found, it is filed on bugs.chromium.org instead of the upstream's bugzilla. The main reference you have is the range date when ClusterFuzz detected that the issue is fixed. So, when upstream does not add anything useful in that place (like the git commit which fixes the issue), you can dig in the upstream git repository and look in such range date. If you are unable to do this task you can get in touch with upstream. See the ${URL} for more details


@maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.
Comment 1 Agostino Sarubbo gentoo-dev 2017-05-10 13:33:08 UTC
Sorry for the inconvenience, this bug looks to be invalid.