Re: Bug#994405: libgmp10:i386: buffer overflow due to integer overflow in mpz/inp_raw.c on 32-bit machines

To: Adrian Bunk <bunk@debian.org>
Cc: 994405@bugs.debian.org, Vincent Lefevre <vincent@vinc17.net>, Debian LTS <debian-lts@lists.debian.org>
Subject: Re: Bug#994405: libgmp10:i386: buffer overflow due to integer overflow in mpz/inp_raw.c on 32-bit machines
From: Anton Gladky <gladk@debian.org>
Date: Mon, 15 Nov 2021 06:27:20 +0100
Message-id: <[🔎] CALF6qJmAftcH1HO5fuabquGouKMnHyc7p-RDhMOuYCYhCOx+gQ@mail.gmail.com>
In-reply-to: <[🔎] 20211113200904.GA28983@localhost>
References: <CALF6qJ=Ttsc0M1VBcq9Q95VL_Gt8qFhfrfPTkeZMHfiF6q2=jg@mail.gmail.com> <20210916231710.GC231933@zira.vinc17.org> <20210915154800.GA1676825@cventin.lip.ens-lyon.fr> <CALF6qJ=g__sVaieaGMuszLtP0HZ-+w2frZOOG8=D_-6R2oFYpA@mail.gmail.com> <[🔎] 20211113200904.GA28983@localhost>

CVE-2021-43618 is assigned to this issue.

Adrian Bunk <bunk@debian.org> schrieb am Sa., 13. Nov. 2021, 21:09:

On Fri, Sep 17, 2021 at 07:02:48AM +0200, Anton Gladky wrote:
> Thanks, Vincent, for the information. I would still wait for CVE,
> so we can apply a patch and track vulnerability for other
> Debian versions (stable/oldstable/o-o-stable etc.).

Hi Anton,

did you manage to get a CVE assigned for this issue, or has there been
any problem with tnat?

> Regards
>
> Anton

Thanks
Adrian

Reply to:

References:
- Re: Bug#994405: libgmp10:i386: buffer overflow due to integer overflow in mpz/inp_raw.c on 32-bit machines
  - From: Adrian Bunk <bunk@debian.org>

Prev by Date: Re: Bug#994405: libgmp10:i386: buffer overflow due to integer overflow in mpz/inp_raw.c on 32-bit machines
Next by Date: Semi-automatic package unclaim after two weeks of inactivity
Previous by thread: Re: Bug#994405: libgmp10:i386: buffer overflow due to integer overflow in mpz/inp_raw.c on 32-bit machines
Next by thread: Semi-automatic package unclaim after two weeks of inactivity
Index(es):
- Date
- Thread