This is the mail archive of the
libc-alpha@sourceware.org
mailing list for the glibc project.
Re: [PATCH v3] [BZ #15857] malloc: Check for integer overflow in memalign.
- From: Russ Allbery <rra at stanford dot edu>
- To: Siddhesh Poyarekar <siddhesh dot poyarekar at gmail dot com>
- Cc: Will Newton <will dot newton at linaro dot org>, GNU C Library <libc-alpha at sourceware dot org>
- Date: Wed, 11 Sep 2013 19:19:56 -0700
- Subject: Re: [PATCH v3] [BZ #15857] malloc: Check for integer overflow in memalign.
- Authentication-results: sourceware.org; auth=none
- References: <522F1BA7 dot 7070102 at linaro dot org> <CAAHN_R0gdT6M=gq=yTWV5xZ47eEu1iDRQXMKK1sKNk_i-PEVaA at mail dot gmail dot com> <CANu=Dmh4QkKogpXHO0P2YN2szLhQuyVz+UnYGzgcbpj+ODKKOw at mail dot gmail dot com> <CAAHN_R0SXm8RMQGDw+ASBZRH9bNvfzng0Vp+6CUpV2NM+m_KzA at mail dot gmail dot com> <CANu=Dmivg6AY+_jLmQYomvod4iEU5EK=XWsZHHtgP9hB-D2k9w at mail dot gmail dot com> <CAAHN_R3nYeCUXm0Pn0JLpb3hiUX1wO7cUqVD-QNdc=uzorV8Xw at mail dot gmail dot com>
Siddhesh Poyarekar <siddhesh.poyarekar@gmail.com> writes:
> On 11 September 2013 16:02, Will Newton <will.newton@linaro.org> wrote:
>> I'm not sure what the process is here, MAINTAINERS on the wiki has a
>> link to CERT, but I aware that there are folks who work for CVE issuing
>> authorities on this list. ;-)
> I've seen people emailing requests for CVE numbers on the oss-security
> mailing list (oss-security at lists dot openwall dot com).
For some reason, this document is remarkably hard to find in Google, but
here's the process:
https://people.redhat.com/kseifrie/CVE-OpenSource-Request-HOWTO.html
--
Russ Allbery (rra@stanford.edu) <http://www.eyrie.org/~eagle/>